forked from wolfi-dev/advisories
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cert-manager-1.14.advisories.yaml
176 lines (164 loc) · 4.52 KB
/
cert-manager-1.14.advisories.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
schema-version: 2.0.2
package:
name: cert-manager-1.14
advisories:
- id: CGA-22j8-xhq6-3m5j
aliases:
- CVE-2024-28180
- GHSA-c5q2-7r4c-mv6g
events:
- timestamp: 2024-03-08T07:11:22Z
type: detection
data:
type: scan/v1
data:
subpackageName: cert-manager-1.14
componentID: b6f10a015dd64977
componentName: github.com/go-jose/go-jose/v3
componentVersion: v3.0.1
componentType: go-module
componentLocation: /usr/bin/controller-linux-amd64
scanner: grype
- timestamp: 2024-03-11T18:21:08Z
type: fixed
data:
fixed-version: 1.14.4-r1
- id: CGA-2gpw-4jjj-6w6p
aliases:
- CVE-2024-24557
- GHSA-xw73-rw38-6vjc
events:
- timestamp: 2024-03-21T12:47:16Z
type: fixed
data:
fixed-version: 1.14.4-r2
- id: CGA-2whj-v58w-p3cw
aliases:
- CVE-2024-35255
- GHSA-m5vv-6r4h-3vj9
events:
- timestamp: 2024-06-12T07:17:27Z
type: detection
data:
type: scan/v1
data:
subpackageName: cert-manager-1.14
componentID: d5abc371d62f477d
componentName: github.com/Azure/azure-sdk-for-go/sdk/azidentity
componentVersion: v1.4.0
componentType: go-module
componentLocation: /usr/bin/controller-linux-amd64
scanner: grype
- timestamp: 2024-06-13T17:11:13Z
type: fixed
data:
fixed-version: 1.14.6-r1
- id: CGA-3jg2-5m28-f2v4
aliases:
- CVE-2024-26147
- GHSA-r53h-jv2g-vpx6
events:
- timestamp: 2024-02-23T07:04:13Z
type: detection
data:
type: scan/v1
data:
subpackageName: cmctl-1.14
componentID: 3012c3d7648f7741
componentName: helm.sh/helm/v3
componentVersion: v3.14.1
componentType: go-module
componentLocation: /usr/bin/cmctl
scanner: grype
- timestamp: 2024-02-24T07:51:52Z
type: fixed
data:
fixed-version: 1.14.2-r2
- id: CGA-48cf-6gm6-j53w
aliases:
- CVE-2024-24790
- GHSA-49gw-vxvf-fc2g
events:
- timestamp: 2024-06-07T14:35:38Z
type: fixed
data:
fixed-version: 1.14.5-r2
- id: CGA-48q5-6fxp-56p8
aliases:
- CVE-2023-45288
- GHSA-4v7x-pqxf-cx7m
events:
- timestamp: 2024-04-08T07:10:03Z
type: fixed
data:
fixed-version: 1.14.4-r3
- id: CGA-jgwg-6x43-4hh7
aliases:
- CVE-2024-24789
- GHSA-236w-p7wf-5ph8
events:
- timestamp: 2024-06-07T14:35:36Z
type: fixed
data:
fixed-version: 1.14.5-r2
- id: CGA-jx4w-4944-hxj3
aliases:
- CVE-2024-24788
- GHSA-2jwv-jmq4-4j3r
events:
- timestamp: 2024-05-14T09:28:48Z
type: fixed
data:
fixed-version: 1.14.5-r1
- id: CGA-qr7x-78qw-m49q
aliases:
- CVE-2024-24787
- GHSA-5fq7-4mxc-535h
events:
- timestamp: 2024-05-14T09:28:49Z
type: fixed
data:
fixed-version: 1.14.5-r1
- id: CGA-x4h3-cq5j-gh47
aliases:
- CVE-2024-25620
- GHSA-v53g-5gjp-272r
events:
- timestamp: 2024-02-16T07:36:51Z
type: detection
data:
type: scan/v1
data:
subpackageName: cmctl-1.14
componentID: 5080b1a98eba0822
componentName: helm.sh/helm/v3
componentVersion: v3.12.3
componentType: go-module
componentLocation: /usr/bin/cmctl
scanner: grype
- timestamp: 2024-02-19T18:16:25Z
type: fixed
data:
fixed-version: 1.14.2-r1
- id: CGA-xj2h-hmvh-f742
aliases:
- CVE-2019-25210
- GHSA-jw44-4f3j-q396
events:
- timestamp: 2024-03-06T07:08:36Z
type: detection
data:
type: scan/v1
data:
subpackageName: cmctl-1.14
componentID: 9e52fb76e7c198d1
componentName: helm.sh/helm/v3
componentVersion: v3.14.2
componentType: go-module
componentLocation: /usr/bin/cmctl
scanner: grype
- timestamp: 2024-03-14T23:55:27Z
type: false-positive-determination
data:
type: vulnerability-record-analysis-contested
note: 'This is not a vulnerability. Learn more about the response from Helm: https://helm.sh/blog/response-cve-2019-25210'