Adding detection events for dependency-track (#10751)

* Adding Advisory GHSA-6v67-2wr5-gvf4 for dependency-track * Adding Advisory GHSA-pr98-23f8-jwxv for dependency-track --------- Co-authored-by: octo-sts[bot] <[email protected]>
wolfi-dev · Dec 20, 2024 · 44b4926 · 44b4926
1 parent 6abed56
commit 44b4926
Showing 1 changed file with 36 additions and 0 deletions.
diff --git a/dependency-track.advisories.yaml b/dependency-track.advisories.yaml
@@ -81,6 +81,42 @@ advisories:
         data:
           fixed-version: 4.10.1-r1
 
+  - id: CGA-jwcq-8v78-qvpq
+    aliases:
+      - CVE-2024-12801
+      - GHSA-6v67-2wr5-gvf4
+    events:
+      - timestamp: 2024-12-20T07:15:00Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: dependency-track
+            componentID: 06be94b825dae88c
+            componentName: logback-core
+            componentVersion: 1.5.12
+            componentType: java-archive
+            componentLocation: /usr/share/java/dependency-track/dependency-track-bundled.jar
+            scanner: grype
+
+  - id: CGA-jxr7-jj8p-xpfm
+    aliases:
+      - CVE-2024-12798
+      - GHSA-pr98-23f8-jwxv
+    events:
+      - timestamp: 2024-12-20T07:15:02Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: dependency-track
+            componentID: 06be94b825dae88c
+            componentName: logback-core
+            componentVersion: 1.5.12
+            componentType: java-archive
+            componentLocation: /usr/share/java/dependency-track/dependency-track-bundled.jar
+            scanner: grype
+
   - id: CGA-ppj7-32h7-rr4m
     aliases:
       - CVE-2024-26308