From f35a2ac1d044182b39dee74da16fbb4d7077776f Mon Sep 17 00:00:00 2001
From: Marlon Pina Tojal <marlont@backbase.com>
Date: Thu, 30 Nov 2023 09:53:57 +0100
Subject: [PATCH 1/4] trivy support

Signed-off-by: Marlon Pina Tojal <marlont@backbase.com>
---
 src/assets/img/trivy-logo.svg                 | 32 +++++++
 src/i18n/locales/en.json                      |  2 +
 src/router/index.js                           | 11 +++
 src/shared/common.js                          |  9 ++
 src/views/administration/AdminMenu.vue        |  5 +
 src/views/administration/Administration.vue   |  3 +-
 .../analyzers/TrivyAnalyzer.vue               | 92 +++++++++++++++++++
 .../vulnerabilities/Vulnerability.vue         |  2 +
 8 files changed, 155 insertions(+), 1 deletion(-)
 create mode 100644 src/assets/img/trivy-logo.svg
 create mode 100644 src/views/administration/analyzers/TrivyAnalyzer.vue

diff --git a/src/assets/img/trivy-logo.svg b/src/assets/img/trivy-logo.svg
new file mode 100644
index 00000000..9ea7c643
--- /dev/null
+++ b/src/assets/img/trivy-logo.svg
@@ -0,0 +1,32 @@
+<svg width="265" height="135" viewBox="0 0 265 135" fill="none" xmlns="http://www.w3.org/2000/svg">
+<path d="M148.629 103.077V109.005C144.591 109.005 140.953 107.551 138.084 105.142C134.479 102.117 132.19 97.5774 132.19 92.5044V62.8164H138.084V76.2874H148.629V82.2534H138.084V92.6484C138.164 98.4204 142.84 103.077 148.629 103.077Z" fill="white"/>
+<path d="M169.65 76.2852V82.1742C164.059 82.1852 159.507 86.6201 159.305 92.1581V109.003H153.397V76.2852H159.305V80.0201C162.113 77.6891 165.718 76.2912 169.65 76.2852Z" fill="white"/>
+<path d="M173.447 68.6988V62.7988H179.344V68.6988H173.447ZM173.447 109.004V76.2858H179.344V109.005H173.447V109.004Z" fill="white"/>
+<path d="M215.508 76.2852L199.16 109.004L182.796 76.2852H189.495L199.16 95.6052L208.806 76.2852H215.508Z" fill="white"/>
+<path d="M250.874 76.2852C250.874 76.2852 250.874 112.056 250.874 114.42C250.874 123.556 243.381 130.848 234.504 130.843C230.347 130.843 226.495 129.267 223.57 126.647L227.81 122.407C229.619 123.939 231.953 124.871 234.503 124.866C240.248 124.866 244.899 120.17 244.899 114.42V105.279C242.049 107.638 238.411 109.003 234.503 109.003C225.609 109.008 218.119 101.832 218.119 92.6311C218.119 92.4371 218.119 76.2862 218.119 76.2862H224.091C224.091 76.2862 224.094 92.1931 224.094 92.6311C224.094 98.3531 228.753 103.082 234.503 103.077C240.248 103.077 244.899 98.3761 244.899 92.6311V76.2852H250.874Z" fill="white"/>
+<path d="M166.114 59.3782H169.243V39.9432C169.253 39.7722 169.243 39.5992 169.243 39.4262C169.243 34.6752 165.402 30.8242 160.651 30.8242C155.9 30.8242 152.049 34.6752 152.049 39.4262C152.049 44.1772 155.9 48.0282 160.651 48.0282H161.086L164.25 44.8782H160.89H160.651C157.64 44.8782 155.2 42.4372 155.2 39.4272C155.2 36.4172 157.641 33.9762 160.651 33.9762C163.662 33.9762 166.114 36.4172 166.114 39.4272V59.3782Z" fill="white"/>
+<path d="M185.899 30.8242V39.5332C185.899 42.5742 183.434 45.0512 180.394 45.0512C177.353 45.0512 174.886 42.5742 174.886 39.5332V30.8242H171.837V39.5332C171.837 39.5332 171.837 39.5332 171.837 39.5402C171.837 44.2692 175.665 48.1082 180.394 48.1082C185.123 48.1082 188.955 44.2812 188.955 39.5522C188.955 39.5462 188.955 39.5332 188.955 39.5332V30.8242H185.899Z" fill="white"/>
+<path d="M148.941 36.5135C145.536 27.5195 132.339 29.7035 132.139 39.4525C132.144 41.5465 132.863 43.4245 134.118 44.9545C135.59 46.7415 137.764 47.9275 140.219 48.0885C140.408 48.1005 140.598 48.1075 140.789 48.1075H149.454C149.454 48.1075 149.454 39.4515 149.454 39.4525C149.454 38.4535 149.281 37.4515 148.941 36.5135ZM146.252 44.9475C146.252 44.9475 142.315 44.9475 140.797 44.9475C137.769 44.9475 135.315 42.4795 135.315 39.4515C135.315 37.9345 135.932 36.5745 136.928 35.5815L136.929 35.5825C140.315 32.1515 146.274 34.5585 146.253 39.4515C146.252 40.9695 146.252 44.9475 146.252 44.9475Z" fill="white"/>
+<path d="M208.351 36.5135C204.946 27.5195 191.749 29.7035 191.549 39.4525C191.554 41.5465 192.273 43.4245 193.528 44.9545C195 46.7415 197.174 47.9275 199.629 48.0885C199.818 48.1005 200.008 48.1075 200.199 48.1075H208.864C208.864 48.1075 208.864 39.4515 208.864 39.4525C208.863 38.4535 208.69 37.4515 208.351 36.5135ZM205.661 44.9475C205.661 44.9475 201.724 44.9475 200.206 44.9475C197.178 44.9475 194.724 42.4795 194.724 39.4515C194.724 37.9345 195.341 36.5745 196.337 35.5815L196.338 35.5825C199.724 32.1515 205.683 34.5585 205.662 39.4515C205.661 40.9695 205.661 44.9475 205.661 44.9475Z" fill="white"/>
+<path d="M65.469 5.43164L10.124 37.4096L10.125 101.878L65.462 134.11L120.813 101.896V37.4076L65.469 5.43164Z" fill="white"/>
+<path d="M64.4641 79.2511C58.2051 76.4341 54.5051 70.4121 54.7021 64.0161L41.3221 56.2891C40.3241 63.6921 41.9181 71.4341 45.9341 78.1431C50.2081 85.2841 56.3811 90.6031 64.4651 93.6831V79.2511H64.4641Z" fill="#1904DA"/>
+<path d="M64.9709 94.4207L64.2839 94.1587C56.2419 91.0947 49.9219 85.7947 45.4989 78.4057C41.4619 71.6607 39.7999 63.7827 40.8199 56.2227L40.9209 55.4727L55.2169 63.7287L55.2079 64.0327C55.0139 70.3227 58.7289 76.1157 64.6709 78.7887L64.9699 78.9237V94.4207H64.9709ZM41.7329 57.1127C40.9499 64.2137 42.5849 71.5597 46.3689 77.8837C50.5449 84.8607 56.4599 89.9237 63.9569 92.9407V79.5767C57.9089 76.7207 54.1109 70.7847 54.1889 64.3067L41.7329 57.1127Z" fill="white"/>
+<path d="M64.4641 111.978V95.3902C55.8061 92.2282 49.1731 86.5352 44.6211 78.9302C40.3151 71.7362 38.6771 63.3972 39.8971 55.4672L27.4611 48.2852C20.3371 74.2882 36.3221 101.982 64.4641 111.978Z" fill="#1904DA"/>
+<path d="M64.9709 112.696L64.2949 112.456C50.5849 107.586 39.2219 98.3286 32.2989 86.3876C25.3779 74.4516 23.4859 60.8726 26.9719 48.1506L27.1459 47.5176L40.4509 55.2006L40.3989 55.5436C39.1879 63.4146 40.8429 71.6266 45.0569 78.6686C49.6779 86.3896 56.2659 91.8556 64.6389 94.9126L64.9719 95.0346V112.696H64.9709ZM27.7809 49.0556C21.1389 74.6526 36.5699 101.188 63.9569 111.256V95.7426C55.5189 92.5806 48.8679 87.0126 44.1869 79.1896C39.9119 72.0486 38.1979 63.7316 39.3449 55.7326L27.7809 49.0556Z" fill="white"/>
+<path d="M66.2969 95.24V111.979C93.9189 101.751 110.5 74.105 103.496 48.373L91.1269 55.579C92.6709 64.132 91.3249 72.47 87.1869 79.446C82.9369 86.613 75.5139 91.992 66.2969 95.24Z" fill="#08B1D5"/>
+<path d="M65.79 112.708V94.8806L66.129 94.7616C75.546 91.4436 82.676 86.0576 86.753 79.1876C90.825 72.3196 92.166 64.1876 90.629 55.6696L90.566 55.3196L103.812 47.6016L103.985 48.2396C110.962 73.8746 94.485 102.082 66.473 112.455L65.79 112.708ZM66.804 95.5976V111.247C93.681 100.941 109.519 73.8986 103.176 49.1466L91.688 55.8396C93.17 64.4746 91.767 72.7186 87.623 79.7046C83.476 86.6986 76.281 92.1896 66.804 95.5976Z" fill="white"/>
+<path d="M76.3809 64.0884C76.4369 70.2984 72.7869 75.7614 66.2969 79.2514V93.6844C74.9209 90.5404 81.8869 85.3844 85.8719 78.6654C89.7309 72.1594 91.0429 64.3964 89.7199 56.3984L76.3809 64.0884Z" fill="#08B1D5"/>
+<path d="M65.79 94.4097V78.9487L66.057 78.8048C72.348 75.4208 75.926 70.0588 75.873 64.0928L75.87 63.7967L90.101 55.5938L90.22 56.3158C91.575 64.5068 90.223 72.3247 86.308 78.9237C82.345 85.6057 75.486 90.8747 66.47 94.1607L65.79 94.4097ZM66.804 79.5528V92.9548C75.26 89.7358 81.694 84.7157 85.436 78.4067C89.111 72.2097 90.452 64.8948 89.332 57.2068L76.888 64.3817C76.826 70.5317 73.171 76.0338 66.804 79.5528Z" fill="white"/>
+<path d="M78.3069 41.8987C83.5239 44.4427 87.7739 48.5187 90.5959 53.6847C90.6329 53.7527 90.6679 53.8237 90.7049 53.8917L102.837 46.8857C102.644 46.6427 102.459 46.3967 102.306 46.1507C97.8549 38.9517 91.9759 33.5347 84.8299 30.0497C64.6569 20.2117 39.9379 27.6297 28.1289 46.9117L40.2319 53.8977C48.4489 40.6847 64.9909 35.4047 78.3069 41.8987Z" fill="#FFC900"/>
+<path d="M90.5038 54.5924L90.1508 53.9304C87.3788 48.8534 83.2058 44.8524 78.0848 42.3534C65.1428 36.0424 48.7038 41.2304 40.6608 54.1654L40.4018 54.5814L27.4238 47.0914L27.6948 46.6474C39.6018 27.2064 64.7978 19.7184 85.0508 29.5944C92.2848 33.1224 98.2348 38.6034 102.736 45.8844C102.879 46.1134 103.053 46.3434 103.233 46.5704L103.598 47.0314L90.5038 54.5924ZM28.8358 46.7354L40.0628 53.2164C48.4698 40.1524 65.2678 34.9764 78.5298 41.4434C83.7578 43.9924 88.0308 48.0514 90.9028 53.1924L102.087 46.7344C102.012 46.6294 101.941 46.5234 101.876 46.4184C97.4758 39.3024 91.6668 33.9484 84.6088 30.5054C64.9668 20.9294 40.5818 28.0644 28.8358 46.7354Z" fill="white"/>
+<path d="M70.7312 57.2939C72.8912 58.3469 74.6422 60.0479 75.7962 62.2119C75.8352 62.2849 75.8692 62.3619 75.9062 62.4359L89.3792 54.6559C89.3372 54.5769 89.2962 54.4949 89.2532 54.4169C86.5842 49.5309 82.5672 45.6759 77.6362 43.2719C65.0392 37.1279 49.3712 42.1399 41.5562 54.6619L54.9562 62.3959C58.4482 56.7959 65.2052 54.5999 70.7312 57.2939Z" fill="#FFC900"/>
+<path d="M75.6891 63.1474L75.3461 62.4474C74.2461 60.3824 72.5721 58.7574 70.5081 57.7504H70.5091C65.2351 55.1804 58.7351 57.2924 55.3861 62.6654L55.1281 63.0814L40.8491 54.8394L41.1271 54.3944C49.1731 41.5044 64.9661 36.5264 77.8601 42.8174C82.8851 45.2674 86.9801 49.1954 89.6991 54.1744L90.0601 54.8494L75.6891 63.1474ZM65.7711 55.6464C67.5331 55.6464 69.2981 56.0314 70.9531 56.8394H70.9541C73.1291 57.9014 74.9081 59.5894 76.1121 61.7334L88.7001 54.4634C86.0821 49.7634 82.1841 46.0544 77.4151 43.7284C65.3371 37.8404 50.0061 42.5684 42.2681 54.4884L54.7921 61.7174C57.3971 57.8364 61.5721 55.6464 65.7711 55.6464Z" fill="white"/>
+<path d="M119.14 39.2578L104.862 47.5758C112.393 74.3508 95.1229 103.21 66.2979 113.604V131.732L119.14 100.935V39.2578Z" fill="#08B1D5"/>
+<path d="M65.79 132.614V113.248L66.125 113.127C94.965 102.727 111.766 73.994 104.374 47.713L104.268 47.335L119.647 38.375V101.225L119.395 101.372L65.79 132.614ZM66.804 113.959V130.849L118.632 100.644V40.141L105.455 47.818C112.697 74.404 95.801 103.331 66.804 113.959Z" fill="white"/>
+<path d="M11.7979 39.2402V100.918L64.4648 131.731V113.603C35.1148 103.455 18.4449 74.5442 26.0949 47.4952L12.4679 39.6262L11.7979 39.2402Z" fill="#1904DA"/>
+<path d="M64.971 132.614L11.29 101.208V38.3613L26.69 47.2533L26.583 47.6333C19.022 74.3663 35.735 103.133 64.63 113.124L64.972 113.242V132.614H64.971ZM12.304 100.626L63.957 130.846V113.963C34.902 103.736 18.087 74.7733 25.5 47.7383L12.304 40.1173V100.626Z" fill="white"/>
+<path d="M12.5542 37.9232L14.1102 38.8222L26.8032 46.1482C39.0142 26.1752 64.6102 18.4892 85.5002 28.6762C92.9102 32.2902 99.0022 37.8992 103.607 45.3472C103.753 45.5832 103.956 45.8412 104.177 46.1132L118.372 37.9162L65.4692 7.36523L12.5542 37.9232Z" fill="#FFC900"/>
+<path d="M26.977 46.8333L11.541 37.9223L65.469 6.7793L65.723 6.9253L119.386 37.9153L104.056 46.7673L103.784 46.4323C103.547 46.1413 103.331 45.8643 103.176 45.6123C98.622 38.2473 92.601 32.7023 85.279 29.1303C64.768 19.1303 39.274 26.7213 27.236 46.4113L26.977 46.8333ZM13.569 37.9223L26.63 45.4623C39.042 25.6453 64.896 18.0633 85.722 28.2193C93.22 31.8763 99.382 37.5483 104.038 45.0783C104.112 45.1983 104.202 45.3233 104.301 45.4543L117.357 37.9153L65.469 7.9493L13.569 37.9223Z" fill="white"/>
+<path d="M66.2373 77.5717C71.4443 74.6597 74.5703 69.9977 74.7713 64.8267C74.7713 64.8267 74.7943 64.3137 74.7553 63.4817C74.7473 63.3107 73.6003 60.5827 70.1063 58.6777C65.4143 56.1197 58.7563 58.5807 56.0903 63.4817C56.0903 63.4817 56.0263 64.0827 56.0563 64.8267C56.2473 69.5267 59.1433 75.0457 64.2703 77.5717L65.3093 78.0677L66.2373 77.5717Z" fill="#FF445F"/>
+<path d="M65.3232 78.6355L64.0532 78.0294C58.4362 75.2604 55.7362 69.4144 55.5502 64.8475C55.5182 64.0745 55.5842 63.4544 55.5872 63.4274L55.6452 63.2394C56.9892 60.7704 59.3682 58.7895 62.1722 57.8035C65.0272 56.7995 68.0082 56.9554 70.3502 58.2314C73.8942 60.1634 75.2422 62.9965 75.2622 63.4575C75.3032 64.3175 75.2782 64.8484 75.2782 64.8484C75.0702 70.2064 71.8652 75.0054 66.4852 78.0145L65.3232 78.6355ZM56.5862 63.6325C56.5712 63.8245 56.5422 64.2795 56.5642 64.8055C56.7312 68.9345 59.2862 74.5484 64.4952 77.1164L65.2972 77.4995L65.9932 77.1274C71.0552 74.2944 74.0702 69.8044 74.2642 64.8074C74.2652 64.7934 74.2862 64.2995 74.2492 63.5065C74.1452 63.1825 72.9212 60.7915 69.8642 59.1235C67.7752 57.9845 65.0952 57.8535 62.5072 58.7615C59.9722 59.6505 57.8202 61.4234 56.5862 63.6325Z" fill="white"/>
+</svg>
diff --git a/src/i18n/locales/en.json b/src/i18n/locales/en.json
index c543d274..1f2149bb 100644
--- a/src/i18n/locales/en.json
+++ b/src/i18n/locales/en.json
@@ -546,6 +546,7 @@
     "oss_index": "Sonatype OSS Index",
     "vulndb": "VulnDB",
     "snyk": "Snyk (Beta)",
+    "trivy": "Trivy",
     "vuln_sources": "Vulnerability Sources",
     "nvd": "NVD",
     "nvd_enable_mirroring_via_api": "Enable mirroring via API",
@@ -631,6 +632,7 @@
     "analyzer_snyk_how_to_api_version_help": "Where do I find available versions?",
     "analyzer_snyk_multiple_tokens_info": "Multiple tokens may be provided by separating them with semicolons, e.g. ",
     "analyzer_snyk_why_multiple_cvss": "Why are there multiple CVSS Scores for the same vulnerability?",
+    "analyzer_trivy_enable": "Enable Trivy analyzer",
     "vulnsource_alias_sync_enable": "Enable vulnerability alias synchronization",
     "vulnsource_alias_sync_enable_tooltip": "Alias data can help in identifying identical vulnerabilities across multiple databases. If the source provides this data, synchronize it with Dependency-Track's database.",
     "vulnsource_nvd_enable": "Enable National Vulnerability Database mirroring",
diff --git a/src/router/index.js b/src/router/index.js
index d1eacd33..eab59619 100644
--- a/src/router/index.js
+++ b/src/router/index.js
@@ -30,6 +30,7 @@ const InternalAnalyzer = () => import('@/views/administration/analyzers/Internal
 const OssIndexAnalyzer = () => import('@/views/administration/analyzers/OssIndexAnalyzer')
 const VulnDbAnalyzer = () => import('@/views/administration/analyzers/VulnDbAnalyzer')
 const SnykAnalyzer = () => import('@/views/administration/analyzers/SnykAnalyzer')
+const TrivyAnalyzer = () => import('@/views/administration/analyzers/TrivyAnalyzer')
 
 const VulnSourceNvd = () => import('@/views/administration/vuln-sources/VulnSourceNvd')
 const VulnSourceGitHubAdvisories = () => import('@/views/administration/vuln-sources/VulnSourceGitHubAdvisories')
@@ -348,6 +349,16 @@ function configRoutes() {
                 permission: 'SYSTEM_CONFIGURATION'
               },
             },
+            {
+              path: 'analyzers/trivy',
+              component: TrivyAnalyzer,
+              meta: {
+                title: i18n.t('message.administration'),
+                i18n: 'message.administration',
+                sectionPath: '/admin',
+                permission: 'SYSTEM_CONFIGURATION'
+              },
+            },
             {
               path: 'vulnerabilitySources/nvd',
               alias: ['vulnerabilitySources'],
diff --git a/src/shared/common.js b/src/shared/common.js
index a6a29b08..1a247aa8 100644
--- a/src/shared/common.js
+++ b/src/shared/common.js
@@ -120,6 +120,8 @@ $common.formatAnalyzerLabel = function formatAnalyzerLabel(analyzer, vulnSource,
         analyzerUrl = "https://osv.dev/vulnerability/" + vulnId;
       } else if(vulnSource === "SNYK") {
         analyzerUrl = "https://security.snyk.io/vuln/" + vulnId;
+      } else if(vulnSource === "TRIVY") {
+        analyzerUrl = "https://avd.aquasec.com/nvd/" + vulnId;
       }
       break;
     case 'OSSINDEX_ANALYZER':
@@ -134,6 +136,10 @@ $common.formatAnalyzerLabel = function formatAnalyzerLabel(analyzer, vulnSource,
       analyzerLabel = "Snyk";
       analyzerUrl = "https://security.snyk.io/vuln/" + vulnId;
       break;
+    case 'TRIVY_ANALYZER':
+        analyzerLabel = "Trivy";
+        analyzerUrl = "https://avd.aquasec.com/nvd/" + vulnId;
+        break;
   }
   if (analyzerUrl) {
     analyzerLabel = `<a href="${analyzerUrl}" target="_blank">${analyzerLabel} <i class="fa fa-external-link"></i></a>`;
@@ -183,6 +189,9 @@ $common.resolveSourceVulnInfo = function resolveSourceVulnInfo(vulnSource, vulnI
       sourceInfo.name = "Global Security Database";
       sourceInfo.url = "https://github.com/cloudsecurityalliance/gsd-database";
       break;
+    case "TRIVY":
+      sourceInfo.name = "Trivy";
+      sourceInfo.url = "https://avd.aquasec.com/nvd/" + vulnId;
     case "VULNDB":
       sourceInfo.name = "VulnDB";
       sourceInfo.url = "https://vulndb.cyberriskanalytics.com/vulnerabilities/" + vulnId;
diff --git a/src/views/administration/AdminMenu.vue b/src/views/administration/AdminMenu.vue
index b9973395..6984c03b 100644
--- a/src/views/administration/AdminMenu.vue
+++ b/src/views/administration/AdminMenu.vue
@@ -109,6 +109,11 @@ import { ACCESS_MANAGEMENT, SYSTEM_CONFIGURATION } from "../../shared/permission
                 component: "SnykAnalyzer",
                 name: this.$t('admin.snyk'),
                 route: "analyzers/snyk"
+              },
+              {
+                component: "TrivyAnalyzer",
+                name: this.$t('admin.trivy'),
+                route: "analyzers/trivy"
               }
             ]
           },
diff --git a/src/views/administration/Administration.vue b/src/views/administration/Administration.vue
index 52403f87..203765c8 100644
--- a/src/views/administration/Administration.vue
+++ b/src/views/administration/Administration.vue
@@ -30,6 +30,7 @@ import TaskScheduler from "./configuration/TaskScheduler.vue";
 import InternalAnalyzer from "./analyzers/InternalAnalyzer";
 import OssIndexAnalyzer from "./analyzers/OssIndexAnalyzer";
 import SnykAnalyzer from "./analyzers/SnykAnalyzer";
+import TrivyAnalyzer from "./analyzers/TrivyAnalyzer";
 import VulnDbAnalyzer from "./analyzers/VulnDbAnalyzer";
 // Vulnerability sources
 import VulnSourceGitHubAdvisories from "./vuln-sources/VulnSourceGitHubAdvisories";
@@ -68,7 +69,7 @@ export default {
     EventBus,
     AdminMenu,
     General, BomFormats, Email, Jira, InternalComponents, TaskScheduler, Search,
-    InternalAnalyzer, OssIndexAnalyzer, VulnDbAnalyzer, SnykAnalyzer,
+    InternalAnalyzer, OssIndexAnalyzer, VulnDbAnalyzer, SnykAnalyzer, TrivyAnalyzer,
     VulnSourceNvd, VulnSourceGitHubAdvisories, VulnSourceOSVAdvisories,
     Cargo, Composer, Gem, GitHub, GoModules, Hex, Maven, Npm, Cpan, Nuget, Python,
     Alerts, Templates,
diff --git a/src/views/administration/analyzers/TrivyAnalyzer.vue b/src/views/administration/analyzers/TrivyAnalyzer.vue
new file mode 100644
index 00000000..084fb61c
--- /dev/null
+++ b/src/views/administration/analyzers/TrivyAnalyzer.vue
@@ -0,0 +1,92 @@
+<template>
+    <b-card no-body :header="header">
+      <b-card-body>
+        <img alt="Trivy logo" src="@/assets/img/trivy-logo.svg" width="125"/>
+        <hr/>
+        <c-switch
+          :disabled="!this.scannerEnabled && (!this.baseUrl || !this.apitoken)"
+          id="scannerEnabled"
+          color="primary"
+          v-model="scannerEnabled"
+          label
+          v-bind="labelIcon"
+        />
+        {{$t('admin.analyzer_trivy_enable')}}
+        <b-validated-input-group-form-input
+          id="trivy-baseUrl"
+          :label="$t('admin.base_url')"
+          input-group-size="mb-3"
+          rules="required"
+          v-model="baseUrl"
+          lazy="true"
+        />
+        <b-validated-input-group-form-input
+          id="trivy-apitoken"
+          :label="$t('admin.api_token')"
+          input-group-size="mb-3"
+          rules="required"
+          type="password"
+          v-model="apitoken"
+          lazy="true"
+        />
+      </b-card-body>
+      <b-card-footer>
+        <b-button
+          :disabled="!this.baseUrl || !this.apitoken"
+          variant="outline-primary"
+          class="px-4"
+          @click="saveChanges">
+          {{ $t('message.update') }}
+        </b-button>
+      </b-card-footer>
+    </b-card>
+  </template>
+
+  <script>
+    import { Switch as cSwitch } from '@coreui/vue';
+    import BValidatedInputGroupFormInput from '../../../forms/BValidatedInputGroupFormInput';
+    import common from "../../../shared/common";
+    import configPropertyMixin from "../mixins/configPropertyMixin";
+    export default {
+      mixins: [configPropertyMixin],
+      props: {
+        header: String
+      },
+      components: {
+        cSwitch,
+        BValidatedInputGroupFormInput
+      },
+      data() {
+        return {
+          scannerEnabled: false,
+          apitoken: '',
+          baseUrl: '',
+        }
+      },
+      methods: {
+        saveChanges: function() {
+          this.updateConfigProperties([
+            {groupName: 'scanner', propertyName: 'trivy.enabled', propertyValue: this.scannerEnabled},
+            {groupName: 'scanner', propertyName: 'trivy.api.token', propertyValue: this.apitoken},
+            {groupName: 'scanner', propertyName: 'trivy.base.url', propertyValue: this.baseUrl},
+          ]);
+        }
+      },
+      created () {
+        this.axios.get(this.configUrl).then((response) => {
+          let configItems = response.data.filter(function (item) { return item.groupName === "scanner" });
+          for (let i=0; i<configItems.length; i++) {
+            let item = configItems[i];
+            switch (item.propertyName) {
+              case "trivy.enabled":
+                this.scannerEnabled = common.toBoolean(item.propertyValue); break;
+              case "trivy.api.token":
+                this.apitoken = item.propertyValue; break;
+              case "trivy.base.url":
+                this.baseUrl = item.propertyValue; break;
+            }
+          }
+        });
+      }
+    }
+  </script>
diff --git a/src/views/portfolio/vulnerabilities/Vulnerability.vue b/src/views/portfolio/vulnerabilities/Vulnerability.vue
index 1a1d75c5..b8c43706 100644
--- a/src/views/portfolio/vulnerabilities/Vulnerability.vue
+++ b/src/views/portfolio/vulnerabilities/Vulnerability.vue
@@ -206,6 +206,8 @@
             return "VulnDB (Risk Based Security)";
           case 'SNYK':
             return "Snyk";
+          case 'TRIVY':
+            return "Trivy";
           default:
             return "";
         }

From 980111708fabb2e7bec5c616401378eb26d021d5 Mon Sep 17 00:00:00 2001
From: Marlon Pina Tojal <marlont@backbase.com>
Date: Sat, 2 Dec 2023 18:23:07 +0100
Subject: [PATCH 2/4] fix advisory link

Signed-off-by: Marlon Pina Tojal <marlont@backbase.com>
---
 src/shared/common.js | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/src/shared/common.js b/src/shared/common.js
index 1a247aa8..a2fc0a2d 100644
--- a/src/shared/common.js
+++ b/src/shared/common.js
@@ -120,8 +120,6 @@ $common.formatAnalyzerLabel = function formatAnalyzerLabel(analyzer, vulnSource,
         analyzerUrl = "https://osv.dev/vulnerability/" + vulnId;
       } else if(vulnSource === "SNYK") {
         analyzerUrl = "https://security.snyk.io/vuln/" + vulnId;
-      } else if(vulnSource === "TRIVY") {
-        analyzerUrl = "https://avd.aquasec.com/nvd/" + vulnId;
       }
       break;
     case 'OSSINDEX_ANALYZER':
@@ -138,7 +136,11 @@ $common.formatAnalyzerLabel = function formatAnalyzerLabel(analyzer, vulnSource,
       break;
     case 'TRIVY_ANALYZER':
         analyzerLabel = "Trivy";
+
         analyzerUrl = "https://avd.aquasec.com/nvd/" + vulnId;
+        if(vulnSource === "GITHUB") {
+          analyzerUrl = "https://github.com/advisories/" + vulnId;
+        }
         break;
   }
   if (analyzerUrl) {
@@ -189,9 +191,6 @@ $common.resolveSourceVulnInfo = function resolveSourceVulnInfo(vulnSource, vulnI
       sourceInfo.name = "Global Security Database";
       sourceInfo.url = "https://github.com/cloudsecurityalliance/gsd-database";
       break;
-    case "TRIVY":
-      sourceInfo.name = "Trivy";
-      sourceInfo.url = "https://avd.aquasec.com/nvd/" + vulnId;
     case "VULNDB":
       sourceInfo.name = "VulnDB";
       sourceInfo.url = "https://vulndb.cyberriskanalytics.com/vulnerabilities/" + vulnId;

From 9236df13fcde723d196fccd6651aca7f21278a8e Mon Sep 17 00:00:00 2001
From: Marlon Pina Tojal <dev@fnx.pt>
Date: Mon, 1 Jan 2024 21:24:03 +0100
Subject: [PATCH 3/4] change url for nist vulnerabilities

Signed-off-by: Marlon Pina Tojal <dev@fnx.pt>
---
 src/shared/common.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/shared/common.js b/src/shared/common.js
index a2fc0a2d..5aa3348c 100644
--- a/src/shared/common.js
+++ b/src/shared/common.js
@@ -137,7 +137,7 @@ $common.formatAnalyzerLabel = function formatAnalyzerLabel(analyzer, vulnSource,
     case 'TRIVY_ANALYZER':
         analyzerLabel = "Trivy";
 
-        analyzerUrl = "https://avd.aquasec.com/nvd/" + vulnId;
+        analyzerUrl = "https://nvd.nist.gov/vuln/detail/" + vulnId;
         if(vulnSource === "GITHUB") {
           analyzerUrl = "https://github.com/advisories/" + vulnId;
         }

From 75874ef2daaf817d3bfb344eab0981779fb5f0fd Mon Sep 17 00:00:00 2001
From: Marlon Pina Tojal <marlont@backbase.com>
Date: Mon, 1 Jan 2024 22:03:05 +0100
Subject: [PATCH 4/4] add support for trivy configuration ignore unfixed

Signed-off-by: Marlon Pina Tojal <marlont@backbase.com>
---
 src/i18n/locales/en.json                             |  1 +
 src/views/administration/analyzers/TrivyAnalyzer.vue | 12 ++++++++++++
 2 files changed, 13 insertions(+)

diff --git a/src/i18n/locales/en.json b/src/i18n/locales/en.json
index 1f2149bb..76846229 100644
--- a/src/i18n/locales/en.json
+++ b/src/i18n/locales/en.json
@@ -633,6 +633,7 @@
     "analyzer_snyk_multiple_tokens_info": "Multiple tokens may be provided by separating them with semicolons, e.g. ",
     "analyzer_snyk_why_multiple_cvss": "Why are there multiple CVSS Scores for the same vulnerability?",
     "analyzer_trivy_enable": "Enable Trivy analyzer",
+    "analyzer_trivy_ignore_unfixed": "Ignores vulnerabilities that were not fixed",
     "vulnsource_alias_sync_enable": "Enable vulnerability alias synchronization",
     "vulnsource_alias_sync_enable_tooltip": "Alias data can help in identifying identical vulnerabilities across multiple databases. If the source provides this data, synchronize it with Dependency-Track's database.",
     "vulnsource_nvd_enable": "Enable National Vulnerability Database mirroring",
diff --git a/src/views/administration/analyzers/TrivyAnalyzer.vue b/src/views/administration/analyzers/TrivyAnalyzer.vue
index 084fb61c..f6b488c8 100644
--- a/src/views/administration/analyzers/TrivyAnalyzer.vue
+++ b/src/views/administration/analyzers/TrivyAnalyzer.vue
@@ -29,6 +29,14 @@
           v-model="apitoken"
           lazy="true"
         />
+         <c-switch
+          id="ignoreUnfixed"
+          color="primary"
+          v-model="ignoreUnfixed"
+          label
+          v-bind="labelIcon"
+        />
+        {{$t('admin.analyzer_trivy_ignore_unfixed')}}
       </b-card-body>
       <b-card-footer>
         <b-button
@@ -61,6 +69,7 @@
           scannerEnabled: false,
           apitoken: '',
           baseUrl: '',
+          ignoreUnfixed: false,
         }
       },
       methods: {
@@ -69,6 +78,7 @@
             {groupName: 'scanner', propertyName: 'trivy.enabled', propertyValue: this.scannerEnabled},
             {groupName: 'scanner', propertyName: 'trivy.api.token', propertyValue: this.apitoken},
             {groupName: 'scanner', propertyName: 'trivy.base.url', propertyValue: this.baseUrl},
+            {groupName: 'scanner', propertyName: 'trivy.ignore.unfixed', propertyValue: this.ignoreUnfixed},
           ]);
         }
       },
@@ -84,6 +94,8 @@
                 this.apitoken = item.propertyValue; break;
               case "trivy.base.url":
                 this.baseUrl = item.propertyValue; break;
+              case "trivy.ignore.unfixed":
+                this.ignoreUnfixed = common.toBoolean(item.propertyValue); break;
             }
           }
         });