From 1cf3750c337e7eca291ce94bbc9a55e11fb27006 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts@users.noreply.github.com>
Date: Tue, 24 Dec 2024 09:40:55 +0000
Subject: [PATCH 1/2] Adding Advisory GHSA-gmj6-6f8f-6699 for
 kubeflow-volumes-web-app

---
 kubeflow-volumes-web-app.advisories.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/kubeflow-volumes-web-app.advisories.yaml b/kubeflow-volumes-web-app.advisories.yaml
index 49391fbdc2..4a6e444e85 100644
--- a/kubeflow-volumes-web-app.advisories.yaml
+++ b/kubeflow-volumes-web-app.advisories.yaml
@@ -158,6 +158,24 @@ advisories:
         data:
           fixed-version: 1.9.1-r0
 
+  - id: CGA-h79h-32w2-7vmp
+    aliases:
+      - CVE-2024-56201
+      - GHSA-gmj6-6f8f-6699
+    events:
+      - timestamp: 2024-12-24T09:40:51Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: kubeflow-volumes-web-app
+            componentID: 35f15308d6b8b518
+            componentName: jinja2
+            componentVersion: 3.1.4
+            componentType: python
+            componentLocation: /usr/lib/python3.12/site-packages/jinja2-3.1.4.dist-info/METADATA, /usr/lib/python3.12/site-packages/jinja2-3.1.4.dist-info/RECORD
+            scanner: grype
+
   - id: CGA-ph4r-hmw2-vp9r
     aliases:
       - CVE-2024-34064

From c7b1e3c719655c042d50a53b687688d423237b49 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts@users.noreply.github.com>
Date: Tue, 24 Dec 2024 09:41:00 +0000
Subject: [PATCH 2/2] Adding Advisory GHSA-q2x7-8rv6-6q7h for
 kubeflow-volumes-web-app

---
 kubeflow-volumes-web-app.advisories.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/kubeflow-volumes-web-app.advisories.yaml b/kubeflow-volumes-web-app.advisories.yaml
index 4a6e444e85..19cd6f69d4 100644
--- a/kubeflow-volumes-web-app.advisories.yaml
+++ b/kubeflow-volumes-web-app.advisories.yaml
@@ -110,6 +110,24 @@ advisories:
         data:
           fixed-version: 1.8.0-r7
 
+  - id: CGA-6g29-xf5c-xrq4
+    aliases:
+      - CVE-2024-56326
+      - GHSA-q2x7-8rv6-6q7h
+    events:
+      - timestamp: 2024-12-24T09:40:55Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: kubeflow-volumes-web-app
+            componentID: 35f15308d6b8b518
+            componentName: jinja2
+            componentVersion: 3.1.4
+            componentType: python
+            componentLocation: /usr/lib/python3.12/site-packages/jinja2-3.1.4.dist-info/METADATA, /usr/lib/python3.12/site-packages/jinja2-3.1.4.dist-info/RECORD
+            scanner: grype
+
   - id: CGA-f5h2-p64r-hgpf
     aliases:
       - CVE-2024-39689