cert-manager-1.13.advisories.yaml

schema-version: 2.0.2

package:
  name: cert-manager-1.13

advisories:
  - id: CVE-2023-44487
    aliases:
      - GHSA-m425-mq94-257g
      - GHSA-qppj-fm5r-hxr3
    events:
      - timestamp: 2023-11-01T14:31:12Z
        type: fixed
        data:
          fixed-version: 1.13.2-r0

  - id: CVE-2023-45142
    aliases:
      - GHSA-rcjv-mgp8-qvmr
    events:
      - timestamp: 2023-10-19T12:35:15Z
        type: fixed
        data:
          fixed-version: 1.13.1-r4

  - id: CVE-2023-45283
    aliases:
      - GHSA-vvjp-q62m-2vph
    events:
      - timestamp: 2023-11-07T19:24:04Z
        type: false-positive-determination
        data:
          type: vulnerable-code-not-included-in-package
          note: Only affects Windows

  - id: CVE-2023-45284
    aliases:
      - GHSA-rq3x-83w4-p28c
    events:
      - timestamp: 2023-11-07T19:24:06Z
        type: false-positive-determination
        data:
          type: vulnerable-code-not-included-in-package
          note: Only affects Windows

  - id: CVE-2023-47108
    aliases:
      - GHSA-8pgv-569h-w5rw
    events:
      - timestamp: 2023-11-16T14:22:49Z
        type: fixed
        data:
          fixed-version: 1.13.2-r1

  - id: CVE-2023-48795
    aliases:
      - GHSA-45x7-px36-x8w8
    events:
      - timestamp: 2023-12-19T16:58:38Z
        type: fixed
        data:
          fixed-version: 1.13.3-r1

  - id: CVE-2024-25620
    aliases:
      - GHSA-v53g-5gjp-272r
    events:
      - timestamp: 2024-02-16T07:13:46Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cmctl-1.13
            componentID: e7ddd3c5ccbddf71
            componentName: helm.sh/helm/v3
            componentVersion: v3.12.3
            componentType: go-module
            componentLocation: /usr/bin/cmctl
            scanner: grype

  - id: GHSA-2c7c-3mj9-8fqh
    events:
      - timestamp: 2023-11-23T08:31:08Z
        type: fixed
        data:
          fixed-version: 1.13.2-r2

  - id: GHSA-7ww5-4wqc-m92c
    events:
      - timestamp: 2024-01-11T07:17:36Z
        type: detection
        data:
          type: scan/v1
          data:
            subpackageName: cmctl-1.13
            componentID: 88e1fd4d413b10c6
            componentName: github.com/containerd/containerd
            componentVersion: v1.7.6
            componentType: go-module
            componentLocation: /usr/bin/cmctl
            scanner: grype
      - timestamp: 2024-01-25T07:03:55Z
        type: fixed
        data:
          fixed-version: 1.13.3-r2

  - id: GHSA-jq35-85cj-fj4p
    events:
      - timestamp: 2023-11-16T14:21:46Z
        type: fixed
        data:
          fixed-version: 1.13.2-r1