From eecb4dabf6b70fcd4142ff74e1ffee25ce024a39 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts@users.noreply.github.com>
Date: Tue, 24 Dec 2024 08:30:44 +0000
Subject: [PATCH] Adding Advisory GHSA-gmj6-6f8f-6699 for mlflow

---
 mlflow.advisories.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/mlflow.advisories.yaml b/mlflow.advisories.yaml
index f59ec9197f..4c83290486 100644
--- a/mlflow.advisories.yaml
+++ b/mlflow.advisories.yaml
@@ -361,3 +361,21 @@ advisories:
             componentType: python
             componentLocation: /usr/share/mlflow/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/METADATA, /usr/share/mlflow/lib/python3.12/site-packages/werkzeug-3.0.4.dist-info/RECORD
             scanner: grype
+
+  - id: CGA-xqq4-gxgx-3463
+    aliases:
+      - CVE-2024-56201
+      - GHSA-gmj6-6f8f-6699
+    events:
+      - timestamp: 2024-12-24T08:30:40Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: mlflow
+            componentID: 814041681c0b86ed
+            componentName: jinja2
+            componentVersion: 3.1.4
+            componentType: python
+            componentLocation: /usr/share/mlflow/lib/python3.13/site-packages/jinja2-3.1.4.dist-info/METADATA, /usr/share/mlflow/lib/python3.13/site-packages/jinja2-3.1.4.dist-info/RECORD
+            scanner: grype