forked from wolfi-dev/advisories
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathcontainerd.advisories.yaml
127 lines (118 loc) · 3.27 KB
/
containerd.advisories.yaml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
schema-version: 2.0.2
package:
name: containerd
advisories:
- id: CVE-2023-39325
aliases:
- GHSA-4374-p667-p6c8
events:
- timestamp: 2023-10-13T16:45:56Z
type: fixed
data:
fixed-version: 1.7.7-r2
- id: CVE-2023-3978
aliases:
- GHSA-2wrh-6pvc-2jm9
events:
- timestamp: 2023-10-13T16:47:25Z
type: fixed
data:
fixed-version: 1.7.7-r2
- id: CVE-2023-45283
aliases:
- GHSA-vvjp-q62m-2vph
events:
- timestamp: 2023-11-07T19:25:02Z
type: false-positive-determination
data:
type: vulnerable-code-not-included-in-package
note: Only affects Windows
- id: CVE-2023-45284
aliases:
- GHSA-rq3x-83w4-p28c
events:
- timestamp: 2023-11-07T19:25:03Z
type: false-positive-determination
data:
type: vulnerable-code-not-included-in-package
note: Only affects Windows
- id: CVE-2023-45288
aliases:
- GHSA-4v7x-pqxf-cx7m
events:
- timestamp: 2024-04-20T09:17:17Z
type: detection
data:
type: scan/v1
data:
subpackageName: containerd
componentID: bd637285fe22c229
componentName: golang.org/x/net
componentVersion: v0.17.0
componentType: go-module
componentLocation: /usr/bin/containerd
scanner: grype
- timestamp: 2024-04-20T14:43:23Z
type: fixed
data:
fixed-version: 1.7.15-r1
- id: CVE-2023-47108
aliases:
- GHSA-8pgv-569h-w5rw
events:
- timestamp: 2024-01-16T10:49:18Z
type: detection
data:
type: scan/v1
data:
subpackageName: containerd
componentID: c2c7716ee702ed24
componentName: go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc
componentVersion: v0.45.0
componentType: go-module
componentLocation: /usr/bin/containerd
scanner: grype
- timestamp: 2024-01-16T19:51:22Z
type: fixed
data:
fixed-version: 1.7.12-r1
- id: CVE-2023-48795
aliases:
- GHSA-45x7-px36-x8w8
events:
- timestamp: 2024-01-16T10:49:17Z
type: detection
data:
type: scan/v1
data:
subpackageName: containerd
componentID: ed973e396deb930c
componentName: golang.org/x/crypto
componentVersion: v0.14.0
componentType: go-module
componentLocation: /usr/bin/containerd
scanner: grype
- timestamp: 2024-01-16T19:51:22Z
type: fixed
data:
fixed-version: 1.7.12-r1
- id: CVE-2024-24786
aliases:
- GHSA-8r3f-844c-mc37
events:
- timestamp: 2024-03-14T07:06:09Z
type: detection
data:
type: scan/v1
data:
subpackageName: ctr
componentID: 95d38090e4159399
componentName: google.golang.org/protobuf
componentVersion: v1.31.0
componentType: go-module
componentLocation: /usr/bin/ctr
scanner: grype
- timestamp: 2024-03-16T09:13:11Z
type: fixed
data:
fixed-version: 1.7.14-r1