Adding detection events for kube-fluentd-operator (#1677)

* Adding Advisory GHSA-22f2-v57c-j9cx for kube-fluentd-operator * Adding Advisory GHSA-54rr-7fvw-6x8f for kube-fluentd-operator * Adding Advisory GHSA-xj5v-6v4g-jfw6 for kube-fluentd-operator --------- Co-authored-by: chainguardian <101908552+chainguardian@users.noreply.github.com>
wolfi-dev · Feb 29, 2024 · a3bc9cd · a3bc9cd
1 parent 7a6a84c
commit a3bc9cd
Showing 1 changed file with 62 additions and 9 deletions.
diff --git a/kube-fluentd-operator.advisories.yaml b/kube-fluentd-operator.advisories.yaml
@@ -70,16 +70,9 @@ advisories:
           type: vulnerable-code-not-included-in-package
           note: Only affects Windows
 
-  - id: CVE-2023-48795
+  - id: CVE-2023-4785
     aliases:
-      - GHSA-45x7-px36-x8w8
-    events:
-      - timestamp: 2023-12-21T09:48:40Z
-        type: fixed
-        data:
-          fixed-version: 1.18.1-r1
-
-  - id: GHSA-p25m-jpj4-qcrr
+      - GHSA-p25m-jpj4-qcrr
     events:
       - timestamp: 2024-02-12T07:27:23Z
         type: detection
@@ -97,3 +90,63 @@ advisories:
         type: fixed
         data:
           fixed-version: 1.18.2-r1
+
+  - id: CVE-2023-48795
+    aliases:
+      - GHSA-45x7-px36-x8w8
+    events:
+      - timestamp: 2023-12-21T09:48:40Z
+        type: fixed
+        data:
+          fixed-version: 1.18.1-r1
+
+  - id: CVE-2024-25126
+    aliases:
+      - GHSA-22f2-v57c-j9cx
+    events:
+      - timestamp: 2024-02-29T08:06:44Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: kube-fluentd-operator
+            componentID: 1bdddca2f8dfb39e
+            componentName: rack
+            componentVersion: 3.0.8
+            componentType: gem
+            componentLocation: /usr/lib/ruby/gems/3.2.0/ruby/3.2.0/specifications/rack-3.0.8.gemspec
+            scanner: grype
+
+  - id: CVE-2024-26141
+    aliases:
+      - GHSA-xj5v-6v4g-jfw6
+    events:
+      - timestamp: 2024-02-29T08:06:47Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: kube-fluentd-operator
+            componentID: 1bdddca2f8dfb39e
+            componentName: rack
+            componentVersion: 3.0.8
+            componentType: gem
+            componentLocation: /usr/lib/ruby/gems/3.2.0/ruby/3.2.0/specifications/rack-3.0.8.gemspec
+            scanner: grype
+
+  - id: CVE-2024-26146
+    aliases:
+      - GHSA-54rr-7fvw-6x8f
+    events:
+      - timestamp: 2024-02-29T08:06:45Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: kube-fluentd-operator
+            componentID: 1bdddca2f8dfb39e
+            componentName: rack
+            componentVersion: 3.0.8
+            componentType: gem
+            componentLocation: /usr/lib/ruby/gems/3.2.0/ruby/3.2.0/specifications/rack-3.0.8.gemspec
+            scanner: grype