From 9a5fde5bc5bda54e155a48366b77b284d790db61 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Thu, 19 Dec 2024 22:45:06 +0000
Subject: [PATCH] Adding Advisory GHSA-w32m-9786-jp63 for sigstore-scaffolding
 (#10611)

Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
 sigstore-scaffolding.advisories.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/sigstore-scaffolding.advisories.yaml b/sigstore-scaffolding.advisories.yaml
index a1dd8e112f..fb59c4e090 100644
--- a/sigstore-scaffolding.advisories.yaml
+++ b/sigstore-scaffolding.advisories.yaml
@@ -251,6 +251,24 @@ advisories:
         data:
           fixed-version: 0.7.9-r0
 
+  - id: CGA-jwq3-5872-8qv3
+    aliases:
+      - CVE-2024-45338
+      - GHSA-w32m-9786-jp63
+    events:
+      - timestamp: 2024-12-19T20:26:04Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: sigstore-scaffolding
+            componentID: 44339d06b3026eed
+            componentName: golang.org/x/net
+            componentVersion: v0.31.0
+            componentType: go-module
+            componentLocation: /usr/bin/rekor-createsecret
+            scanner: grype
+
   - id: CGA-m4ph-vwfq-6p88
     aliases:
       - CVE-2023-44487