From 946afa5d3a4eec6beafbb4fc566696ca1d6ea232 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Fri, 22 Mar 2024 18:43:43 +0000
Subject: [PATCH 1/2] Adding detection events for temporal-server (#3218)
* Adding Advisory GHSA-7jwh-3vrq-q3m8 for temporal-server
* Adding Advisory GHSA-mrww-27vc-gghv for temporal-server
---------
Co-authored-by: octo-sts[bot] <101908552+octo-sts@users.noreply.github.com>
---
 temporal-server.advisories.yaml | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)
diff --git a/temporal-server.advisories.yaml b/temporal-server.advisories.yaml
index cec1c1084..ff4d13cfa 100644
--- a/temporal-server.advisories.yaml
+++ b/temporal-server.advisories.yaml
@@ -112,3 +112,35 @@ advisories:
 type: fixed
 data:
 fixed-version: 1.22.6-r2
+
+ - id: CVE-2024-27304
+ aliases:
+ - GHSA-mrww-27vc-gghv
+ events:
+ - timestamp: 2024-03-22T18:37:58Z
+ type: detection
+ data:
+ type: scan/v1
+ data:
+ subpackageName: temporal-server
+ componentID: b4b041513ae9fdd7
+ componentName: github.com/jackc/pgx/v5
+ componentVersion: v5.4.3
+ componentType: go-module
+ componentLocation: /usr/bin/temporal-server
+ scanner: grype
+
+ - id: GHSA-7jwh-3vrq-q3m8
+ events:
+ - timestamp: 2024-03-22T18:37:55Z
+ type: detection
+ data:
+ type: scan/v1
+ data:
+ subpackageName: temporal-server
+ componentID: b4b041513ae9fdd7
+ componentName: github.com/jackc/pgx/v5
+ componentVersion: v5.4.3
+ componentType: go-module
+ componentLocation: /usr/bin/temporal-server
+ scanner: grype
From 9771d083a36becf0f988671d553e985d826804cf Mon Sep 17 00:00:00 2001
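Review bot: The second entry added to temporal-server.advisories.yaml, `- id: GHSA-7jwh-3vrq-q3m8`, is keyed by a GHSA id and carries no `aliases`, while the entry added directly above it uses the CVE as `id` and lists its GHSA under `aliases`. Both detections record the same componentID `b4b041513ae9fdd7` and the same `github.com/jackc/pgx/v5` at v5.4.3, so they may describe one upstream flaw reported under two GHSA ids. Before merging, check whether this GHSA has a CVE assigned; if it maps to CVE-2024-27304, add `- GHSA-7jwh-3vrq-q3m8` as a second alias on that entry instead of keeping a separate advisory. Left separate, any later fixed or false-positive event must be recorded twice, and consumers that match on CVE ids would not see this entry.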
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com> Date: Sat, 23 Mar 2024 12:01:35 +0100 Subject: [PATCH 2/2] Adding Advisory GHSA-xw73-rw38-6vjc for scorecard (#3207) Co-authored-by: octo-sts[bot] <101908552+octo-sts@users.noreply.github.com> --- scorecard.advisories.yaml | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/scorecard.advisories.yaml b/scorecard.advisories.yaml index d31c8d2ba..93026cc80 100644 --- a/scorecard.advisories.yaml +++ b/scorecard.advisories.yaml @@ -196,6 +196,23 @@ advisories: componentLocation: /usr/bin/scorecard scanner: grype + - id: CVE-2024-24557 + aliases: + - GHSA-xw73-rw38-6vjc + events: + - timestamp: 2024-03-22T13:33:30Z + type: detection + data: + type: scan/v1 + data: + subpackageName: scorecard + componentID: 8fd9f63738b717a6 + componentName: github.com/docker/docker + componentVersion: v24.0.4+incompatible + componentType: go-module + componentLocation: /usr/bin/scorecard + scanner: grype + - id: CVE-2024-24783 aliases: - GHSA-3q2c-pvp5-3cqp @@ -223,7 +240,9 @@ advisories: data: fixed-version: 4.13.1-r2 - - id: GHSA-8r3f-844c-mc37 + - id: CVE-2024-24786 + aliases: + - GHSA-8r3f-844c-mc37 events: - timestamp: 2024-03-14T13:19:32Z type: detection
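Review bot: The last hunk of scorecard.advisories.yaml rekeys an existing advisory from `- id: GHSA-8r3f-844c-mc37` to `- id: CVE-2024-24786`, moving the GHSA under `aliases`, but the commit subject only mentions adding GHSA-xw73-rw38-6vjc. An id change in advisory data should be named in the message so it is traceable, since anything that matched this entry by its old primary id now depends on alias resolution. The rest of the file is outside the hunk, so it is worth confirming that no other entry already uses `CVE-2024-24786` as `id`; a duplicate would leave two event histories for one vulnerability. The rekeyed entry's events continue past the end of the hunk.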