diff --git a/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap b/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap index e6efcf79b07..020395f856b 100755 --- a/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap +++ b/cmd/osv-scanner/scan/source/__snapshots__/command_test.snap @@ -4148,7 +4148,7 @@ Scanned /testdata/sbom-insecure/postgres-stretch.cdx.xml file and found Filtered 1 local/unscannable package/s from the scan. Loaded Debian local db from /osv-scanner/Debian/all.zip Loaded Go local db from /osv-scanner/Go/all.zip -Total 21 packages affected by 158 known vulnerabilities (17 Critical, 68 High, 49 Medium, 1 Low, 23 Unknown) from 2 ecosystems. +Total 21 packages affected by 161 known vulnerabilities (17 Critical, 68 High, 49 Medium, 1 Low, 26 Unknown) from 2 ecosystems. 11 vulnerabilities can be fixed. @@ -4239,6 +4239,9 @@ Total 21 packages affected by 158 known vulnerabilities (17 Critical, 68 High, 4 | https://osv.dev/DEBIAN-CVE-2022-23308 | 7.5 | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-9714 | 5.5 | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DLA-4319-1 | | | | | | | +| https://osv.dev/DEBIAN-CVE-2026-0989 | | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-0990 | | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-0992 | | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DSA-4539-1 | 4.7 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DSA-4539-3 | | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DSA-4661-1 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | @@ -4356,7 +4359,7 @@ Scanned /testdata/sbom-insecure/postgres-stretch.cdx.xml file and found Filtered 1 local/unscannable package/s from the scan. Loaded Debian local db from /osv-scanner/Debian/all.zip Loaded Go local db from /osv-scanner/Go/all.zip -Total 21 packages affected by 158 known vulnerabilities (17 Critical, 68 High, 49 Medium, 1 Low, 23 Unknown) from 2 ecosystems. +Total 21 packages affected by 161 known vulnerabilities (17 Critical, 68 High, 49 Medium, 1 Low, 26 Unknown) from 2 ecosystems. 11 vulnerabilities can be fixed. @@ -4447,6 +4450,9 @@ Total 21 packages affected by 158 known vulnerabilities (17 Critical, 68 High, 4 | https://osv.dev/DEBIAN-CVE-2022-23308 | 7.5 | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DEBIAN-CVE-2025-9714 | 5.5 | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DLA-4319-1 | | | | | | | +| https://osv.dev/DEBIAN-CVE-2026-0989 | | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-0990 | | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | +| https://osv.dev/DEBIAN-CVE-2026-0992 | | Debian | libxml2 | 2.9.4+dfsg1-2.2+deb9u6 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DSA-4539-1 | 4.7 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DSA-4539-3 | | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml | | https://osv.dev/DSA-4661-1 | 7.5 | Debian | openssl | 1.1.0l-1~deb9u5 | -- | testdata/sbom-insecure/postgres-stretch.cdx.xml |