Adding detection events for litestream (#10485)

* Adding Advisory GHSA-32gq-x56h-299c for litestream * Adding Advisory GHSA-w32m-9786-jp63 for litestream --------- Co-authored-by: octo-sts[bot] <[email protected]>
wolfi-dev · Dec 19, 2024 · 2403599 · 2403599
1 parent 14f4001
commit 2403599
Showing 1 changed file with 35 additions and 0 deletions.
diff --git a/litestream.advisories.yaml b/litestream.advisories.yaml
@@ -112,6 +112,24 @@ advisories:
         data:
           note: 'Issue has been opened in litestream repository. No prior issues, PRs or commits that reference this CVE and the affected version is the most current release. Issue: https://github.com/benbjohnson/litestream/issues/602'
 
+  - id: CGA-ccv6-g9wj-vr86
+    aliases:
+      - CVE-2024-45338
+      - GHSA-w32m-9786-jp63
+    events:
+      - timestamp: 2024-12-19T17:24:05Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: litestream
+            componentID: 9eeebdacc63032cd
+            componentName: golang.org/x/net
+            componentVersion: v0.23.0
+            componentType: go-module
+            componentLocation: /usr/bin/litestream
+            scanner: grype
+
   - id: CGA-fm8f-cmvr-fj72
     aliases:
       - CVE-2024-24790
@@ -154,6 +172,23 @@ advisories:
         data:
           fixed-version: 0.3.13-r1
 
+  - id: CGA-jrh8-cjqq-9697
+    aliases:
+      - GHSA-32gq-x56h-299c
+    events:
+      - timestamp: 2024-12-19T17:24:02Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: litestream
+            componentID: 29e508664e90a21e
+            componentName: filippo.io/age
+            componentVersion: v1.1.1
+            componentType: go-module
+            componentLocation: /usr/bin/litestream
+            scanner: grype
+
   - id: CGA-pxmf-h73g-vg55
     aliases:
       - CVE-2024-24788