advisories/conftest.advisories.yaml at main · max-allan-cgr/advisories · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
schema-version: 2.0.2

package:
  name: conftest

advisories:
  - id: CVE-2023-44487
    aliases:
      - GHSA-m425-mq94-257g
      - GHSA-qppj-fm5r-hxr3
    events:
      - timestamp: 2023-10-30T12:41:31Z
        type: fixed
        data:
          fixed-version: 0.46.0-r1

  - id: CVE-2023-45283
    aliases:
      - GHSA-vvjp-q62m-2vph
    events:
      - timestamp: 2023-11-07T19:24:51Z
        type: false-positive-determination
        data:
          type: vulnerable-code-not-included-in-package
          note: Only affects Windows

  - id: CVE-2023-45284
    aliases:
      - GHSA-rq3x-83w4-p28c
    events:
      - timestamp: 2023-11-07T19:24:53Z
        type: false-positive-determination
        data:
          type: vulnerable-code-not-included-in-package
          note: Only affects Windows

  - id: CVE-2023-45288
    aliases:
      - GHSA-4v7x-pqxf-cx7m
    events:
      - timestamp: 2024-04-13T07:10:12Z
        type: fixed
        data:
          fixed-version: 0.51.0-r1

  - id: CVE-2023-48795
    aliases:
      - GHSA-45x7-px36-x8w8
    events:
      - timestamp: 2023-12-20T01:55:55Z
        type: fixed
        data:
          fixed-version: 0.47.0-r3

  - id: CVE-2024-23650
    aliases:
      - GHSA-9p26-698r-w4hx
    events:
      - timestamp: 2024-02-01T11:00:02Z
        type: fixed
        data:
          fixed-version: 0.49.0-r1

  - id: CVE-2024-23651
    aliases:
      - GHSA-m3r6-h7wv-7xxv
    events:
      - timestamp: 2024-02-01T11:00:03Z
        type: fixed
        data:
          fixed-version: 0.49.0-r1

  - id: CVE-2024-23652
    aliases:
      - GHSA-4v98-7qmw-rqr8
    events:
      - timestamp: 2024-02-01T11:00:02Z
        type: fixed
        data:
          fixed-version: 0.49.0-r1

  - id: CVE-2024-23653
    aliases:
      - GHSA-wr6v-9f75-vh2g
    events:
      - timestamp: 2024-02-01T11:00:04Z
        type: fixed
        data:
          fixed-version: 0.49.0-r1

  - id: CVE-2024-24786
    aliases:
      - GHSA-8r3f-844c-mc37
    events:
      - timestamp: 2024-03-14T15:18:57Z
        type: fixed
        data:
          fixed-version: 0.50.0-r1

  - id: CVE-2024-29018
    aliases:
      - GHSA-mq39-4gv4-mvpx
    events:
      - timestamp: 2024-03-21T11:16:31Z
        type: fixed
        data:
          fixed-version: 0.50.0-r2

  - id: CVE-2024-3817
    aliases:
      - GHSA-q64h-39hv-4cf7
    events:
      - timestamp: 2024-05-03T07:18:46Z
        type: fixed
        data:
          fixed-version: 0.52.0-r0

  - id: GHSA-jq35-85cj-fj4p
    events:
      - timestamp: 2023-10-31T20:03:41Z
        type: false-positive-determination
        data:
          type: vulnerable-code-not-included-in-package
          note: This vulnerability is in the container runtime itself, not clients of the container runtime.