Adding Advisory GHSA-w32m-9786-jp63 for cert-manager-istio-csr (#10753)

Co-authored-by: octo-sts[bot] <[email protected]>
wolfi-dev · Dec 20, 2024 · 1a9cf70 · 1a9cf70
1 parent 111f137
commit 1a9cf70
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/cert-manager-istio-csr.advisories.yaml b/cert-manager-istio-csr.advisories.yaml
@@ -116,6 +116,24 @@ advisories:
           type: vulnerable-code-not-included-in-package
           note: 'The upstream project ignored the vulnerability since they import non-tagged versions in go.mod, for more information see: https://github.com/cert-manager/istio-csr/pull/344/files.'
 
+  - id: CGA-m24w-7f29-vfjq
+    aliases:
+      - CVE-2024-45338
+      - GHSA-w32m-9786-jp63
+    events:
+      - timestamp: 2024-12-20T07:22:49Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: cert-manager-istio-csr
+            componentID: 7eea074db6939525
+            componentName: golang.org/x/net
+            componentVersion: v0.30.0
+            componentType: go-module
+            componentLocation: /usr/bin/cmd
+            scanner: grype
+
   - id: CGA-pw2v-5gqw-v996
     aliases:
       - CVE-2021-39155