Adding Advisory GHSA-pr98-23f8-jwxv for cassandra-5.0

wolfi-dev · Dec 21, 2024 · 97b1c9c · 97b1c9c
1 parent 5b8c818
commit 97b1c9c
Showing 1 changed file with 18 additions and 0 deletions.
diff --git a/cassandra-5.0.advisories.yaml b/cassandra-5.0.advisories.yaml
@@ -187,6 +187,24 @@ advisories:
           type: vulnerability-record-analysis-contested
           note: 'CVE considered a false positive by the maintainers: https://github.com/apache/cassandra/blob/cassandra-5.0/.build/owasp/dependency-check-suppressions.xml'
 
+  - id: CGA-j28x-4787-ghx7
+    aliases:
+      - CVE-2024-12798
+      - GHSA-pr98-23f8-jwxv
+    events:
+      - timestamp: 2024-12-21T07:22:02Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: cassandra-5.0
+            componentID: 398399923a902016
+            componentName: logback-core
+            componentVersion: 1.2.12
+            componentType: java-archive
+            componentLocation: /usr/share/java/cassandra/lib/logback-core-1.2.12.jar
+            scanner: grype
+
   - id: CGA-jj3r-w482-76m6
     aliases:
       - CVE-2022-41854