Adding Advisory GHSA-xw73-rw38-6vjc for chartmuseum (#3201)

Co-authored-by: octo-sts[bot] <101908552+octo-sts@users.noreply.github.com>
wolfi-dev · Mar 22, 2024 · 41dc8c7 · 41dc8c7
1 parent 6d844e3
commit 41dc8c7
Showing 1 changed file with 38 additions and 19 deletions.
diff --git a/chartmuseum.advisories.yaml b/chartmuseum.advisories.yaml
@@ -82,6 +82,23 @@ advisories:
         data:
           fixed-version: 0.16.1-r4
 
+  - id: CVE-2024-24557
+    aliases:
+      - GHSA-xw73-rw38-6vjc
+    events:
+      - timestamp: 2024-03-22T07:18:34Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: chartmuseum
+            componentID: e8713d467cb089c5
+            componentName: github.com/docker/docker
+            componentVersion: v24.0.7+incompatible
+            componentType: go-module
+            componentLocation: /usr/bin/chartmuseum
+            scanner: grype
+
   - id: CVE-2024-24783
     aliases:
       - GHSA-3q2c-pvp5-3cqp
@@ -109,6 +126,27 @@ advisories:
         data:
           fixed-version: 0.16.1-r4
 
+  - id: CVE-2024-24786
+    aliases:
+      - GHSA-8r3f-844c-mc37
+    events:
+      - timestamp: 2024-03-14T07:08:26Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: chartmuseum
+            componentID: 03eb8e87cf063a9d
+            componentName: google.golang.org/protobuf
+            componentVersion: v1.31.0
+            componentType: go-module
+            componentLocation: /usr/bin/chartmuseum
+            scanner: grype
+      - timestamp: 2024-03-14T15:22:59Z
+        type: fixed
+        data:
+          fixed-version: 0.16.1-r5
+
   - id: CVE-2024-25620
     aliases:
       - GHSA-v53g-5gjp-272r
@@ -151,25 +189,6 @@ advisories:
         data:
           fixed-version: 0.16.1-r3
 
-  - id: GHSA-8r3f-844c-mc37
-    events:
-      - timestamp: 2024-03-14T07:08:26Z
-        type: detection
-        data:
-          type: scan/v1
-          data:
-            subpackageName: chartmuseum
-            componentID: 03eb8e87cf063a9d
-            componentName: google.golang.org/protobuf
-            componentVersion: v1.31.0
-            componentType: go-module
-            componentLocation: /usr/bin/chartmuseum
-            scanner: grype
-      - timestamp: 2024-03-14T15:22:59Z
-        type: fixed
-        data:
-          fixed-version: 0.16.1-r5
-
   - id: GHSA-jq35-85cj-fj4p
     events:
       - timestamp: 2023-12-27T14:29:46Z