cilium-1.14.advisories.yaml

schema-version: 2.0.2

package:
  name: cilium-1.14

advisories:
  - id: CVE-2023-45288
    aliases:
      - GHSA-4v7x-pqxf-cx7m
    events:
      - timestamp: 2024-04-08T07:26:54Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cilium-1.14-hubble-relay
            componentID: 78cbc5be036eec84
            componentName: stdlib
            componentVersion: go1.22.1
            componentType: go-module
            componentLocation: /usr/bin/hubble-relay
            scanner: grype

  - id: CVE-2024-24786
    aliases:
      - GHSA-8r3f-844c-mc37
    events:
      - timestamp: 2024-03-14T08:18:56Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cilium-1.14-operator-generic
            componentID: 9c5be14e1303e4d6
            componentName: google.golang.org/protobuf
            componentVersion: v1.31.0
            componentType: go-module
            componentLocation: /usr/bin/cilium-operator-generic
            scanner: grype

  - id: CVE-2024-25630
    aliases:
      - GHSA-7496-fgv9-xw82
    events:
      - timestamp: 2024-04-13T07:08:14Z
        type: fixed
        data:
          fixed-version: 1.14.7-r0

  - id: CVE-2024-25631
    aliases:
      - GHSA-x989-52fc-4vr4
    events:
      - timestamp: 2024-04-13T07:08:12Z
        type: fixed
        data:
          fixed-version: 1.14.7-r0

  - id: CVE-2024-28180
    aliases:
      - GHSA-c5q2-7r4c-mv6g
    events:
      - timestamp: 2024-03-08T07:14:57Z
        type: fixed
        data:
          fixed-version: 1.14.7-r0

  - id: CVE-2024-28248
    aliases:
      - GHSA-68mj-9pjq-mc85
    events:
      - timestamp: 2024-03-20T10:04:09Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cilium-1.14
            componentID: 1810fb8fac7342e0
            componentName: cilium-1.14
            componentVersion: 1.14.7-r0
            componentType: apk
            componentLocation: /.PKGINFO
            scanner: grype

  - id: CVE-2024-28249
    aliases:
      - GHSA-j89h-qrvr-xc36
    events:
      - timestamp: 2024-03-20T10:04:10Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cilium-1.14
            componentID: 1810fb8fac7342e0
            componentName: cilium-1.14
            componentVersion: 1.14.7-r0
            componentType: apk
            componentLocation: /.PKGINFO
            scanner: grype

  - id: CVE-2024-28250
    aliases:
      - GHSA-v6q2-4qr3-5cw6
    events:
      - timestamp: 2024-03-20T10:04:10Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cilium-1.14
            componentID: 1810fb8fac7342e0
            componentName: cilium-1.14
            componentVersion: 1.14.7-r0
            componentType: apk
            componentLocation: /.PKGINFO
            scanner: grype

  - id: CVE-2024-28860
    aliases:
      - GHSA-pwqm-x5x6-5586
    events:
      - timestamp: 2024-04-16T07:22:54Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cilium-1.14
            componentID: 1810fb8fac7342e0
            componentName: cilium-1.14
            componentVersion: 1.14.7-r0
            componentType: apk
            componentLocation: /.PKGINFO
            scanner: grype