From 1150772d068cc919d65337a42f37a1d167c3412b Mon Sep 17 00:00:00 2001
From: Weston Steimel <weston.steimel@anchore.com>
Date: Thu, 23 Feb 2023 17:32:12 +0000
Subject: [PATCH] fix: improve CPE generation for curl APK (#1608)

Signed-off-by: Weston Steimel <weston.steimel@anchore.com>
---
 syft/pkg/cataloger/common/cpe/candidate_by_package_type.go | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go b/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go
index 4d74cbc17..488349198 100644
--- a/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go
+++ b/syft/pkg/cataloger/common/cpe/candidate_by_package_type.go
@@ -178,6 +178,11 @@ var defaultCandidateAdditions = buildCandidateLookup(
 			candidateAddition{AdditionalVendors: []string{"pypa"}},
 		},
 		// Alpine packages
+		{
+			pkg.ApkPkg,
+			candidateKey{PkgName: "curl"},
+			candidateAddition{AdditionalVendors: []string{"haxx"}},
+		},
 		{
 			pkg.ApkPkg,
 			candidateKey{PkgName: "python3"},