forked from wolfi-dev/advisories
-
Notifications
You must be signed in to change notification settings - Fork 0
/
cri-tools.advisories.yaml
56 lines (51 loc) · 1.53 KB
/
cri-tools.advisories.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
schema-version: 2.0.2
package:
name: cri-tools
advisories:
- id: CVE-2019-11255
aliases:
- GHSA-f4w6-3rh6-6q4q
events:
- timestamp: 2023-08-11T16:52:08Z
type: false-positive-determination
data:
type: vulnerable-code-not-included-in-package
note: Vulnerable code is part of an external controller not included kubernetes/kubernetes library
- id: CVE-2023-45283
aliases:
- GHSA-vvjp-q62m-2vph
events:
- timestamp: 2023-11-07T19:25:19Z
type: false-positive-determination
data:
type: vulnerable-code-not-included-in-package
note: Only affects Windows
- id: CVE-2023-45284
aliases:
- GHSA-rq3x-83w4-p28c
events:
- timestamp: 2023-11-07T19:25:20Z
type: false-positive-determination
data:
type: vulnerable-code-not-included-in-package
note: Only affects Windows
- id: CVE-2023-47108
aliases:
- GHSA-8pgv-569h-w5rw
events:
- timestamp: 2024-01-11T07:06:55Z
type: detection
data:
type: scan/v1
data:
subpackageName: crictl
componentID: 7ea7b73b0dc5700e
componentName: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
componentVersion: v0.42.0
componentType: go-module
componentLocation: /usr/bin/crictl
scanner: grype
- timestamp: 2024-01-24T07:05:17Z
type: fixed
data:
fixed-version: 1.29.0-r2