{ "@context": "https://openvex.dev/ns/v0.2.0", "@id": "https://openvex.dev/docs/public/vex-448cca1c5fcf94ecb7030d60b08ef39b387f34f5faaa2be0e8e1f61f31124f1b", "author": "Rancher Security team", "timestamp": "2024-07-12T17:54:37.399069972-03:00", "last_updated": "2025-07-16T14:03:07.133151787Z", "version": 15084, "statements": [ { "vulnerability": { "name": "CVE-2019-11881" }, "timestamp": "2025-07-16T13:19:46.606912971Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The commit version of the dependency in use doesn't have the vulnerable code" }, { "vulnerability": { "name": "CVE-2019-12274" }, "timestamp": "2025-07-16T13:19:46.664446278Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The commit version of the dependency in use doesn't have the vulnerable code" }, { "vulnerability": { "name": "CVE-2019-12274", "aliases": [ "GHSA-gc62-j469-9gjm", "GO-2023-1991" ] }, "timestamp": "2025-07-16T13:19:46.722780638Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher" } ] } ], "status": "not_affected", "justification": "inline_mitigations_already_exist", "impact_statement": "The vulnerability is already patched since version v0.2.0 of kube-api-auth." }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:46.786372359Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:46.844036187Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:46.900197299Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:46.957328484Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.015706975Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.07279581Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.134428824Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.192371402Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.251068104Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.309411204Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.375066544Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.433775985Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.491710874Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.549346242Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.610112992Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.667334768Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.725586748Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.782577833Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.838783024Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.895048237Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:47.952828435Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.013746715Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.071550043Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.12897233Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.186263356Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.242666319Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.298807101Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.357676393Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.418716924Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.477457026Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.538366977Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.596113085Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.654140134Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.713502688Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20230124173128-2207cfed1803" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.76964202Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.827193467Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.885678618Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:48.942716313Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.001584365Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.059120163Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.118526317Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.179595948Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.237795278Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.29402614Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.351364946Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.411493554Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.469505173Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.528268355Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.58525267Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.642978808Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240205190724-2f7113dc32d4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.700527905Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240730202829-9e0cc54e7e3a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.760405102Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20241004204441-d3c434633444" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.819718456Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240205190724-2f7113dc32d4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.877103922Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240730202829-9e0cc54e7e3a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-13209", "aliases": [ "GHSA-xhg2-rvm8-w2jh", "GO-2022-0755" ] }, "timestamp": "2025-07-16T13:19:49.935358662Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20241004204441-d3c434633444" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:49.994624816Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.051804422Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.10947179Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.171666725Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.231683652Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.289771752Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.347188798Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.406631053Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.465427705Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.522892982Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.581986786Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2019-14271", "aliases": [ "GHSA-v2cv-wwxq-qq97", "GO-2024-2521" ] }, "timestamp": "2025-07-16T13:19:50.639889314Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-14040", "aliases": [ "GHSA-5rcv-m4m3-hfh7", "GO-2020-0015" ] }, "timestamp": "2025-07-16T13:19:50.698600536Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-14040", "aliases": [ "GHSA-5rcv-m4m3-hfh7", "GO-2020-0015" ] }, "timestamp": "2025-07-16T13:19:50.756438504Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:50.817240354Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/trivy", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:50.876095137Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/trivy@v0.63.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:50.933121952Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/trivy@v0.64.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:50.994181723Z", "products": [ { "@id": "pkg:golang/github.com/cloudnativelabs/kube-router/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.052805824Z", "products": [ { "@id": "pkg:golang/github.com/cloudnativelabs/kube-router/v2@v2.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.111914958Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.194" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.171294452Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.230213095Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.91" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.288360454Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.25" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.347504678Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.54.11" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.408085547Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.469315109Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.529663367Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.194" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.589815225Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.648374876Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.25" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.706338295Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.12.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.764980126Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.12.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.823341977Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.91" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.883587905Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:51.94077119Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.00138937Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.061505617Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.121716445Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.181453541Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.40.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.241876879Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.50.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.303183301Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.50.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.363200968Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.31" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.421715029Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.484832369Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.545352688Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.206" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.603480057Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.206" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.663824235Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.723558631Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.783746459Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.842097139Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.902834179Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:52.961089349Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.023135174Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.082700739Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.141524671Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.203826037Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.266283414Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.326387831Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.386465859Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.44762969Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.509451544Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.570146094Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.630439832Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.690960241Z", "products": [ { "@id": "pkg:golang/github.com/hashicorp/consul", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.753774329Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.814372818Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.874875717Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.936582261Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:53.999508129Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.061421883Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.122775746Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.183728076Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.244341906Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.306370391Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.367663503Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.42771338Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.48858833Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.550111963Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.611530565Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.673236119Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.735444815Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.799066636Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.861312082Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.923767068Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:54.987102058Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.050373618Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.109215551Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.170237811Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.23066066Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.291781901Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.351135806Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.412800759Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.472652735Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.533188074Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.593432302Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.655193766Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.717493882Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.46.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.778927075Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.838724931Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.898498597Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.46.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:55.961359045Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.024701395Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.083708378Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.146508966Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.43.31" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.207056255Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3@v3.13.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.43.31" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.267698895Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.330452842Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator@v0.80.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.390526719Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.156" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.450966788Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.317" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.514261528Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.576421923Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.636157909Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.156" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.699035618Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.317" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.758843044Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.27.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.81866036Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.28.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.880035722Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.187" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:56.941055893Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.276" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.00116272Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.062953554Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.53.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.12253144Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.184266493Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.246380099Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.302.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.308057462Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.187" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.368931782Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.276" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.430395255Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.491155605Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.53.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.53.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.555190078Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.55.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.616383919Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.187" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.676428687Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.276" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.738827283Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.800743617Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.53.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.53.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.863613486Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.55.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.928191971Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v3.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:57.991162889Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.053293185Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.114776977Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.178634559Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.24" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.238796697Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.302739459Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.363062178Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.426006416Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.487317348Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.5-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.549060612Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.61429134Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.6-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.675701002Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.7-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.736795763Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.799871532Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.862109788Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.925588479Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:58.987520073Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.049698909Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.112417536Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.3-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.174950243Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.236220245Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.12.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.297732958Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.12.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.358180147Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.12.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.419977651Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.10", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.480791361Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.10-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.54395768Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.606376107Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.668711103Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.729430912Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.792387281Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.853523842Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.11", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.916698312Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.11-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:19:59.980334463Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.12", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.043726083Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.13", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.105878809Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.13-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.167979134Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.229605547Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.29102436Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.35187542Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.413695254Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.474840686Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.537793104Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.598914585Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.66337455Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.724841703Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.786851767Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.849843376Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.910324145Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:00.971554837Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.033790972Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.095827667Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.158353864Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.222031446Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.286214179Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.348202074Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.410115388Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.3-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.473254658Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.53459838Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.597509078Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.661028199Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.723545956Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.13.0-beta.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.786662385Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.848564849Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.909834411Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:01.971346814Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.037348085Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.09940059Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.162397239Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.224290553Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.287822224Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.349906029Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.413822461Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.475341424Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.538101392Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.600760329Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.662226202Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.725305851Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.788612701Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.852965445Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.91488716Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:02.979592475Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.042962625Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.24" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.106010284Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.168521141Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.233582418Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.296323116Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.358888373Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.421388309Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.48484563Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.549050364Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.613606468Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.677583411Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.740222568Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0-rc9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.802843846Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.867880682Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.932228666Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:03.997274153Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.06230144Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.127197696Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.192758825Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.258506545Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.322544977Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.12.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.386146339Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.450583473Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.514142094Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.577839665Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.641813048Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.707737018Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.770923628Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.24" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.835497083Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.899962947Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:04.963795469Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.028142053Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.092227966Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.155907488Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.223375394Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.21" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.286355643Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.349069221Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.21" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.415257332Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.21" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.480157658Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.544900084Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15-rc4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.608231834Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.671490483Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.734087241Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.796954809Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.860016558Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.92384391Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:05.989452539Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.054865407Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.120847558Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.185611123Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.250484779Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.314071481Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.377715602Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.442902109Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.505072325Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.56966969Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.634312005Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.699027261Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.761903019Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.825920912Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.890605677Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:06.956909929Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.021785195Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.085005494Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.14942177Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.215580493Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.280556221Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.0+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.345636399Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.0-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.409673243Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.0-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.473638177Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.538456784Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.1-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.603343972Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.1-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.667946929Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.731689571Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.2-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.795071523Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.2-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.860977055Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.48.14" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.923767113Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:07.985341297Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.34.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.48.14" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.051971002Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.37.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.117467492Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.181643557Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.247407558Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.10", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.311941164Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.18", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.376602571Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.20", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.441324988Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.506330986Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.57287694Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v3@v3.3.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.638434191Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.7036854Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.767190262Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.831442447Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.894569977Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:08.959082493Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:09.024201941Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8911", "aliases": [ "GHSA-f5pg-7wfw-84q9", "GO-2022-0646" ] }, "timestamp": "2025-07-16T13:20:09.088988889Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.151896558Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/trivy", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.214899968Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/trivy@v0.63.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.278846962Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/trivy@v0.64.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.340478086Z", "products": [ { "@id": "pkg:golang/github.com/cloudnativelabs/kube-router/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.40449121Z", "products": [ { "@id": "pkg:golang/github.com/cloudnativelabs/kube-router/v2@v2.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.466115974Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.194" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.53064213Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.59367169Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.91" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.656333448Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.25" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.721422797Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.54.11" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.783881214Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.847349026Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.912052923Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.194" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:09.97670316Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.040908664Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.25" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.103879214Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.12.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.168109019Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.12.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.231635891Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.91" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.297327122Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.361974418Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.426100313Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.491413662Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.556637281Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.619914282Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.40.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.684717649Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.50.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.749556757Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.50.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.288" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.813661581Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.31" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.87893111Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:10.942698653Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.006166765Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.206" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.069658417Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.206" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.133958352Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.200470756Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.265848886Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.330133241Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.395772402Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.462441067Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.528875021Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.594404091Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.658303114Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.721743346Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.786525593Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.85126301Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.915935787Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:11.986190767Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.051788827Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.118680003Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.185066537Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.250890368Z", "products": [ { "@id": "pkg:golang/github.com/hashicorp/consul", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.315990367Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.380141741Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.444927288Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.509603375Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.574898304Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.641908511Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.707927443Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.7752145Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.840988252Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.907225745Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:12.974203651Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.038832978Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.102148259Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.168669503Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.232708147Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.298131947Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.364198069Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.430508953Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.496507625Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.8.2-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.562667938Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.626976753Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.692210922Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.757517231Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.822093008Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.889358625Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.9.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:13.954909515Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.021649101Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.087898084Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.151845728Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.218864824Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.283189969Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.348584499Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.414059519Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.46.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.480259522Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.543910064Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.610076517Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.46.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.677041803Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.74422253Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.808107844Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.872817121Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.43.31" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:14.937971799Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3@v3.13.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.43.31" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.002344895Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.068881249Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator@v0.80.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.13445684Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.156" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.198873285Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.317" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.264429546Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.337124965Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.405879619Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.156" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.471437839Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.317" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.536826549Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.27.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.603439734Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.28.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.670839762Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.187" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.736100981Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.276" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.802852526Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.868190146Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.53.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:15.93468152Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.001613786Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.06805223Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.302.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.133005118Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.187" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.200156194Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.276" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.265691435Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.332576691Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.53.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.53.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.399080665Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.55.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.465110537Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.187" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.53356271Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.276" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.600205474Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.666382707Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.53.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.53.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.734480038Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.55.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.800093359Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v3.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.866597913Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.931781322Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:16.997548353Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.063840596Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.24" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.130015959Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.197796479Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.264351603Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.329892953Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.397149101Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.5-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.464553959Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.529286516Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.6-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.594454875Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.7-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.663941931Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.731254449Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.798242705Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.862746881Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.928754013Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:17.994051332Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.06129082Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.3-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.128492387Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.195073291Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.12.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.259734198Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.12.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.326750044Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.12.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.392927527Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.10", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.45912806Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.10-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.527413212Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.596849948Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.664106106Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.731685684Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.798817431Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.865872128Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.11", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:18.932464912Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.11-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.001529937Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.12", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.069277547Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.13", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.13807259Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.13-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.206386572Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.271955872Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.337577773Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.405224112Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.472135648Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.541010012Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.610555439Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.679426453Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.746272938Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.812803653Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.880419142Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:19.94789308Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.016507793Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.084047241Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.151876721Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.219049068Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.284500198Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.350290239Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.419324274Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.487131434Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.554909693Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.3-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.623294665Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.690950954Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.759027085Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.827942439Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.4-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.896866093Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.13.0-beta.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:20.963568458Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.031704959Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.099402149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.122" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.168331343Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.236484804Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.303021438Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.369990584Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.322" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.437507183Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.50.38" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.505074912Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.576243765Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.644286396Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.712144375Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.34.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.779781104Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.846466449Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.91444046Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:21.981433616Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.048098031Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.116862674Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.183463039Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.251795921Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.319689401Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.24" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.386449906Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.453597173Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.519266514Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.588251318Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.656287549Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.723689897Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.790763984Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.857200588Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.925144238Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:22.992971447Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.060201315Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0-rc9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.128344526Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.196066445Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.263621744Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.331520694Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.399487159Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.46772442Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.53566589Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.60334879Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.67116767Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.12.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.742477045Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.811481577Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.879957417Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:23.950831552Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.019339093Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.088220404Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.154004371Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.49.24" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.22127776Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.28909836Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.359176874Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.428341626Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.495380454Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.564448296Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.63466116Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.21" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.705104253Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.775262147Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.21" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.84559908Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.51.21" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.915985334Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:24.984875036Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15-rc4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.053619847Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.12338329Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.19156266Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.259915501Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.327790561Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.395759971Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.464148392Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.532905383Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.601122534Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.669377044Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.738143736Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.80874547Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.877594161Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:25.945052251Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.013533332Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.081807512Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.150637304Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.219202615Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.287627255Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.357041668Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.424079646Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.492257017Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.5623705Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.630632391Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.702127296Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.770352047Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.839349708Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.0+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.90808005Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.0-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:26.978740764Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.0-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.048354537Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.117687219Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.1-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.189152884Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.1-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.257707445Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.325132434Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.2-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.393612775Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.33.2-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.461624256Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.48.14" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.528602024Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.595754903Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.34.1", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.48.14" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.663296793Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.37.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.55.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.731398283Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.799620724Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.867988114Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.10", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:27.938065708Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.18", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.00725459Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.20", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.075929381Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.8", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.144610272Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.212463732Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v3@v3.3.2", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.327" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.279941291Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.34703996Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.416079322Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.486820586Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.555701008Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.623042967Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.38.49" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.692280729Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2020-8912", "aliases": [ "GHSA-7f33-f4f5-xwgw", "GO-2022-0635" ] }, "timestamp": "2025-07-16T13:20:28.76089173Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/github.com/aws/aws-sdk-go@v1.44.116" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-25313" }, "timestamp": "2025-07-16T13:20:28.830057702Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The commit version of the dependency in use doesn't have the vulnerable code" }, { "vulnerability": { "name": "CVE-2021-31525", "aliases": [ "GHSA-h86h-8ppg-mxmh", "GO-2022-0236" ] }, "timestamp": "2025-07-16T13:20:28.901638168Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-31525", "aliases": [ "GHSA-h86h-8ppg-mxmh", "GO-2022-0236" ] }, "timestamp": "2025-07-16T13:20:28.973636094Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-31525", "aliases": [ "GHSA-h86h-8ppg-mxmh", "GO-2022-0236" ] }, "timestamp": "2025-07-16T13:20:29.0456944Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-31525", "aliases": [ "GHSA-h86h-8ppg-mxmh", "GO-2022-0236" ] }, "timestamp": "2025-07-16T13:20:29.115382563Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-31525", "aliases": [ "GHSA-h86h-8ppg-mxmh", "GO-2022-0236" ] }, "timestamp": "2025-07-16T13:20:29.182810952Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-31525", "aliases": [ "GHSA-h86h-8ppg-mxmh", "GO-2022-0236" ] }, "timestamp": "2025-07-16T13:20:29.250644092Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-33194", "aliases": [ "GHSA-83g2-8m93-v3w7", "GO-2021-0238" ] }, "timestamp": "2025-07-16T13:20:29.320201624Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-33194", "aliases": [ "GHSA-83g2-8m93-v3w7", "GO-2021-0238" ] }, "timestamp": "2025-07-16T13:20:29.389875527Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-33194", "aliases": [ "GHSA-83g2-8m93-v3w7", "GO-2021-0238" ] }, "timestamp": "2025-07-16T13:20:29.458610748Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-33194", "aliases": [ "GHSA-83g2-8m93-v3w7", "GO-2021-0238" ] }, "timestamp": "2025-07-16T13:20:29.52755484Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-33194", "aliases": [ "GHSA-83g2-8m93-v3w7", "GO-2021-0238" ] }, "timestamp": "2025-07-16T13:20:29.596083051Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-33194", "aliases": [ "GHSA-83g2-8m93-v3w7", "GO-2021-0238" ] }, "timestamp": "2025-07-16T13:20:29.663874961Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-36775" }, "timestamp": "2025-07-16T13:20:29.731764951Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher@v0.0.0-20240919204204-3da2ae0cabd1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "The commit version of the dependency in use doesn't have the vulnerable code" }, { "vulnerability": { "name": "CVE-2021-36775", "aliases": [ "GHSA-28g7-896h-695v", "GO-2024-2760" ] }, "timestamp": "2025-07-16T13:20:29.799655741Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/rancher" } ] } ], "status": "not_affected", "justification": "inline_mitigations_already_exist", "impact_statement": "The vulnerability is already patched since version v0.2.0 of kube-api-auth." }, { "vulnerability": { "name": "CVE-2021-38561", "aliases": [ "GHSA-ppp9-7jff-5vj2", "GO-2021-0113" ] }, "timestamp": "2025-07-16T13:20:29.867635251Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-38561", "aliases": [ "GHSA-ppp9-7jff-5vj2", "GO-2021-0113" ] }, "timestamp": "2025-07-16T13:20:29.939230257Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-38561", "aliases": [ "GHSA-ppp9-7jff-5vj2", "GO-2021-0113" ] }, "timestamp": "2025-07-16T13:20:30.007983848Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-38561", "aliases": [ "GHSA-ppp9-7jff-5vj2", "GO-2021-0113" ] }, "timestamp": "2025-07-16T13:20:30.077592011Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-38561", "aliases": [ "GHSA-ppp9-7jff-5vj2", "GO-2021-0113" ] }, "timestamp": "2025-07-16T13:20:30.147570504Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-38561", "aliases": [ "GHSA-ppp9-7jff-5vj2", "GO-2021-0113" ] }, "timestamp": "2025-07-16T13:20:30.216986466Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.286620258Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.356550652Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.426027664Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.494890655Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.563895467Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.632178388Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.702634682Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.772926945Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.843122099Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.913558062Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:30.982154793Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:31.051739666Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:31.121564739Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41089", "aliases": [ "GHSA-v994-f8vw-g7j4", "GO-2024-2913" ] }, "timestamp": "2025-07-16T13:20:31.192830704Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.261633145Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.331176398Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.40064848Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.46869402Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.538028103Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.606950844Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.676165966Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.747356561Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.817971065Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.886500086Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:31.956086819Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:32.025525101Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:32.096771946Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-41091", "aliases": [ "GHSA-3fwx-pjgw-3558", "GO-2024-2500" ] }, "timestamp": "2025-07-16T13:20:32.166754849Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-44716", "aliases": [ "GHSA-vc3p-29h2-gpcp", "GO-2022-0288" ] }, "timestamp": "2025-07-16T13:20:32.239043746Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-44716", "aliases": [ "GHSA-vc3p-29h2-gpcp", "GO-2022-0288" ] }, "timestamp": "2025-07-16T13:20:32.308938869Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-44716", "aliases": [ "GHSA-vc3p-29h2-gpcp", "GO-2022-0288" ] }, "timestamp": "2025-07-16T13:20:32.380067083Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-44716", "aliases": [ "GHSA-vc3p-29h2-gpcp", "GO-2022-0288" ] }, "timestamp": "2025-07-16T13:20:32.451490559Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-44716", "aliases": [ "GHSA-vc3p-29h2-gpcp", "GO-2022-0288" ] }, "timestamp": "2025-07-16T13:20:32.522912714Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-44716", "aliases": [ "GHSA-vc3p-29h2-gpcp", "GO-2022-0288" ] }, "timestamp": "2025-07-16T13:20:32.591342275Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2021-44716", "aliases": [ "GHSA-vc3p-29h2-gpcp", "GO-2022-0288" ] }, "timestamp": "2025-07-16T13:20:32.659563325Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-23524", "aliases": [ "GHSA-6rx9-889q-vv2r", "GO-2022-1167" ] }, "timestamp": "2025-07-16T13:20:32.729251238Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-23524", "aliases": [ "GHSA-6rx9-889q-vv2r", "GO-2022-1167" ] }, "timestamp": "2025-07-16T13:20:32.798091859Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-23525", "aliases": [ "GHSA-53c4-hhmh-vw5q", "GO-2022-1165" ] }, "timestamp": "2025-07-16T13:20:32.865553639Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-23525", "aliases": [ "GHSA-53c4-hhmh-vw5q", "GO-2022-1165" ] }, "timestamp": "2025-07-16T13:20:32.934630511Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-23526", "aliases": [ "GHSA-67fx-wx78-jx33", "GO-2022-1166" ] }, "timestamp": "2025-07-16T13:20:33.002531671Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-23526", "aliases": [ "GHSA-67fx-wx78-jx33", "GO-2022-1166" ] }, "timestamp": "2025-07-16T13:20:33.06969125Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27191", "aliases": [ "GHSA-8c26-wmh5-6g9v", "GO-2021-0356" ] }, "timestamp": "2025-07-16T13:20:33.139281022Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220214200702-86341886e292" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.210211017Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.278298267Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.34781193Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.418710254Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.487094315Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.556883738Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.624245417Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.69395483Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-27664", "aliases": [ "GHSA-69cg-p879-7622", "GO-2022-0969" ] }, "timestamp": "2025-07-16T13:20:33.763768542Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-28948", "aliases": [ "GHSA-hp87-p4gw-j4gq", "GO-2022-0603" ] }, "timestamp": "2025-07-16T13:20:33.835243628Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-28948", "aliases": [ "GHSA-hp87-p4gw-j4gq", "GO-2022-0603" ] }, "timestamp": "2025-07-16T13:20:33.905445711Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-28948", "aliases": [ "GHSA-hp87-p4gw-j4gq", "GO-2022-0603" ] }, "timestamp": "2025-07-16T13:20:33.976135245Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/yaml.v3@v3.0.0-20210107192922-496545a6307b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.04701109Z", "products": [ { "@id": "pkg:golang/github.com/containernetworking/plugins", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210809222454-d867a43fc93e" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.117789324Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210823070655-63515b42dcdf" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.188735759Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210510120138-977fb7262007" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.257856791Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210510120138-977fb7262007" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.329266406Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.399155119Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/pkg/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.469604813Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/pkg/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.540080157Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/pkg/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.607955797Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.67789308Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210603081109-ebe580a85c40" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.747811583Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210603081109-ebe580a85c40" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.818777117Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-29526", "aliases": [ "GHSA-p782-xgp4-8hr8", "GO-2022-0493" ] }, "timestamp": "2025-07-16T13:20:34.888009739Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/sys@v0.0.0-20210403161142-5e06dd20ab57" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:34.957898802Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.026505953Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.095999944Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.164335377Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.234214895Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.302229526Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.372850267Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.44381237Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.513544727Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.58467526Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.654452298Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.723624494Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.794646086Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.864205213Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:35.933940611Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.003173006Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.072647733Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.141340867Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.21248239Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.281695146Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.352108466Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.420688839Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.491526611Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.561109058Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.631404908Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.703115543Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.772636959Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.844004493Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.914372203Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-30636", "aliases": [ "GO-2024-2961" ] }, "timestamp": "2025-07-16T13:20:36.98395001Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31022", "aliases": [ "GHSA-9w9f-6mg8-jp7w", "GO-2022-0470" ] }, "timestamp": "2025-07-16T13:20:37.056385058Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/blevesearch/bleve/v2@v2.4.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.128201433Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.202419388Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.272818218Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.342880607Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.412945065Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.482417762Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.552742502Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.62249775Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.693464222Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.762142306Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.832041014Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.902739095Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:37.973915598Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.046664627Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.116069933Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.186330783Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.256719853Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.6", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.327158433Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.7", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.396451599Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.8", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.468979267Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220411195911-c2b951ab3480" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.540610232Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220411195911-c2b951ab3480" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.610847702Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220411195911-c2b951ab3480" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.680414999Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220217210408-3ecd23dfea3b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.750982889Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220217210408-3ecd23dfea3b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.823398287Z", "products": [ { "@id": "pkg:golang/github.com/rancher/ui-plugin-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-31249", "aliases": [ "GHSA-qrg7-hfx7-95c5", "GO-2023-1519" ] }, "timestamp": "2025-07-16T13:20:38.893918798Z", "products": [ { "@id": "pkg:golang/github.com/rancher/ui-plugin-operator@v0.1.3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:38.966028314Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.038417442Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.109868385Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.8-0.20211004125949-5bd84dd9b33b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.180694947Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.8-0.20211004125949-5bd84dd9b33b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.251421708Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.8-0.20211004125949-5bd84dd9b33b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.322733122Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.8-0.20211004125949-5bd84dd9b33b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.394788938Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.464767676Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.536684251Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.609503258Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.681528842Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-32149", "aliases": [ "GHSA-69ch-w2m2-3vjp", "GO-2022-1059" ] }, "timestamp": "2025-07-16T13:20:39.752047801Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/text@v0.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-36055", "aliases": [ "GHSA-7hfp-qfw3-5jxh", "GO-2022-0962" ] }, "timestamp": "2025-07-16T13:20:39.823355993Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-36055", "aliases": [ "GHSA-7hfp-qfw3-5jxh", "GO-2022-0962" ] }, "timestamp": "2025-07-16T13:20:39.894381564Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:39.966456169Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.039840038Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.111368291Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.182584722Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.252307408Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.321407412Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.392937264Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.465076769Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.53607033Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.606181377Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.67784779Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.749328213Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41717", "aliases": [ "GHSA-xrjj-mj9h-534m", "GO-2022-1144" ] }, "timestamp": "2025-07-16T13:20:40.821672918Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41721", "aliases": [ "GHSA-fxg5-wq6x-vr4w", "GO-2023-1495" ] }, "timestamp": "2025-07-16T13:20:40.893061121Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41721", "aliases": [ "GHSA-fxg5-wq6x-vr4w", "GO-2023-1495" ] }, "timestamp": "2025-07-16T13:20:40.964493053Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41721", "aliases": [ "GHSA-fxg5-wq6x-vr4w", "GO-2023-1495" ] }, "timestamp": "2025-07-16T13:20:41.037087409Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41721", "aliases": [ "GHSA-fxg5-wq6x-vr4w", "GO-2023-1495" ] }, "timestamp": "2025-07-16T13:20:41.1080129Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41721", "aliases": [ "GHSA-fxg5-wq6x-vr4w", "GO-2023-1495" ] }, "timestamp": "2025-07-16T13:20:41.180104785Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41721", "aliases": [ "GHSA-fxg5-wq6x-vr4w", "GO-2023-1495" ] }, "timestamp": "2025-07-16T13:20:41.250725434Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.321869795Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.392143873Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.461812429Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.531898026Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.605566627Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.678403814Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.750126237Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.820693887Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-41723", "aliases": [ "GHSA-vvpx-j8f3-3w6h", "GO-2023-1571" ] }, "timestamp": "2025-07-16T13:20:41.892723921Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:41.967850187Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.038688177Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.110970912Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.183610829Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.256008205Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.32814003Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.400713416Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.472790731Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.544878995Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.616132917Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.688461193Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.761993463Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.835117901Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.908038759Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:42.982730513Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.057497008Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.131102588Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.6", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.205521271Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.7", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.278009697Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.8", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.348344035Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220411195911-c2b951ab3480" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.42042072Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220411195911-c2b951ab3480" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.491458731Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220411195911-c2b951ab3480" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.562310111Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220217210408-3ecd23dfea3b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.632481969Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.11-0.20220217210408-3ecd23dfea3b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.703373149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/ui-plugin-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2022-43756", "aliases": [ "GHSA-8fcj-gf77-47mg", "GO-2023-1515" ] }, "timestamp": "2025-07-16T13:20:43.774804521Z", "products": [ { "@id": "pkg:golang/github.com/rancher/ui-plugin-operator@v0.1.3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/wrangler@v0.8.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:43.847860749Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:43.919766153Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:43.993403374Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.066380002Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.138761237Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.211711725Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.282880267Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.353339265Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.424982798Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.494810145Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.567444791Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.638463222Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.711004638Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.781770438Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.854116214Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.926076678Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:44.998076232Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.073202438Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.144210369Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.215768362Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.286338211Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.357474532Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.430616601Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.502837856Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.574441729Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.646327913Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.716237079Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.788274474Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.3.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.867102773Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-1732", "aliases": [ "GHSA-2q89-485c-9j2x", "GO-2023-1765" ] }, "timestamp": "2025-07-16T13:20:45.942301569Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/cloudflare/circl@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-2253" }, "timestamp": "2025-07-16T13:20:46.015724299Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/distribution@v2.8.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/issues/122457 ." }, { "vulnerability": { "name": "CVE-2023-25153", "aliases": [ "GHSA-259w-8hf6-59c2", "GO-2023-1573" ] }, "timestamp": "2025-07-16T13:20:46.088189055Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.6.15" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25153", "aliases": [ "GHSA-259w-8hf6-59c2", "GO-2023-1573" ] }, "timestamp": "2025-07-16T13:20:46.1604442Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.6.15" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25153", "aliases": [ "GHSA-259w-8hf6-59c2", "GO-2023-1573" ] }, "timestamp": "2025-07-16T13:20:46.2337967Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.6.15" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25165", "aliases": [ "GHSA-pwcw-6f5g-gxf8", "GO-2023-1547" ] }, "timestamp": "2025-07-16T13:20:46.306666017Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25165", "aliases": [ "GHSA-pwcw-6f5g-gxf8", "GO-2023-1547" ] }, "timestamp": "2025-07-16T13:20:46.378841072Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25165", "aliases": [ "GHSA-pwcw-6f5g-gxf8", "GO-2023-1547" ] }, "timestamp": "2025-07-16T13:20:46.452364932Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25165", "aliases": [ "GHSA-pwcw-6f5g-gxf8", "GO-2023-1547" ] }, "timestamp": "2025-07-16T13:20:46.522994421Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25173", "aliases": [ "GHSA-hmfx-3pcx-653p", "GO-2023-1574" ] }, "timestamp": "2025-07-16T13:20:46.594521934Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.6.15" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25173", "aliases": [ "GHSA-hmfx-3pcx-653p", "GO-2023-1574" ] }, "timestamp": "2025-07-16T13:20:46.665508465Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.6.15" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-25173", "aliases": [ "GHSA-hmfx-3pcx-653p", "GO-2023-1574" ] }, "timestamp": "2025-07-16T13:20:46.73770768Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.6.15" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-28452", "aliases": [ "GHSA-hfmw-7g3m-gj6q", "GO-2024-3130" ] }, "timestamp": "2025-07-16T13:20:46.81143164Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-28840" }, "timestamp": "2025-07-16T13:20:46.883651986Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Please check https://github.com/helm/helm/issues/12244" }, { "vulnerability": { "name": "CVE-2023-30464", "aliases": [ "GHSA-h92q-fgpp-qhrq", "GO-2024-3134" ] }, "timestamp": "2025-07-16T13:20:46.957478817Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-30464", "aliases": [ "GHSA-h92q-fgpp-qhrq", "GO-2024-3134" ] }, "timestamp": "2025-07-16T13:20:47.032300591Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.104354626Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.178603048Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.250766663Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.322727918Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.39405101Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.466713056Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.538043438Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.610823105Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.68284309Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.755509907Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.827657092Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.900551379Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:47.972173972Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.04516737Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.119801514Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.195258441Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.270669938Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.346415466Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.419525485Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.493694677Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.568502752Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.640280725Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.71235644Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.785365048Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.858967688Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:48.932567168Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.006054388Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.080367251Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.156675241Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.230618723Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.30336017Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.377860113Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.452568167Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.524838453Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.598645924Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.673711649Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.747095039Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.819365584Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.893413066Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20230120214941-e88c32739dc7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:49.967380378Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20240205154815-a3b9e3721c1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32192", "aliases": [ "GHSA-833m-37f7-jq55", "GO-2024-2534" ] }, "timestamp": "2025-07-16T13:20:50.043079556Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/apiserver@v0.0.0-20240205154815-a3b9e3721c1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.118042141Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.191742891Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.6.7", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.264293198Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.339351223Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.413069664Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.486722105Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.562131251Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.636458654Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.712520464Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.786260194Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.860091705Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:50.933923176Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.007080035Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.082572302Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.157744808Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.232184262Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.307011956Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.383193406Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.457235488Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.53141537Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.605285801Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.679239963Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.753260305Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.827712968Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.902493723Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:51.978191041Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.05434261Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.129140815Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.20397589Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.28032057Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.3564739Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.431738836Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.507668595Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.582183808Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.656046229Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.732085279Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.805502038Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.879078778Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.4.3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:52.952299487Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.026775891Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-dev.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.098855885Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.173966251Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.247587931Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.321705773Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.395740385Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.472474317Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.5468001Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.620061359Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.692040373Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.76475426Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20221205184727-32ef2e185b99" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.838030799Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20220406153559-82478fb169cb" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.912265982Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20220406153559-82478fb169cb" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:53.986786985Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20220406153559-82478fb169cb" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.060838877Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240205154641-a6a6cf569608" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.135995343Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240205154641-a6a6cf569608" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.214287521Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.288300292Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.363133587Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.439899009Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.513269988Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.587618571Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.665192516Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.8.15", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.738969827Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.8.15-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.815342597Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.889980431Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:54.96592557Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20210709145327-afd06f533ca3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:55.038836258Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry@v0.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20210709145327-afd06f533ca3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:55.112741569Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-32193", "aliases": [ "GHSA-r8f4-hv23-6qp6", "GO-2024-2536" ] }, "timestamp": "2025-07-16T13:20:55.186979822Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.7", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/norman@v0.0.0-20240206180703-6eda4bc94b4c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676" }, "timestamp": "2025-07-16T13:20:55.263363342Z", "products": [ { "@id": "pkg:golang/github.com/rancher/wins", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.337027623Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.410495273Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.487084474Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.561868959Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.636618175Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.708908993Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.7", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.783574319Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.858482356Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:55.933822915Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:56.006681044Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:56.080914719Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:56.154690712Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3676", "aliases": [ "GHSA-7fxm-f474-hf8w", "GO-2023-2330" ] }, "timestamp": "2025-07-16T13:20:56.228091423Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325" }, "timestamp": "2025-07-16T13:20:56.303597413Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Upstream confirmed that the affected code is not present in cri-tools - https://github.com/kubernetes-sigs/cri-tools/issues/1285 ." }, { "vulnerability": { "name": "CVE-2023-39325" }, "timestamp": "2025-07-16T13:20:56.380353996Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Upstream confirmed that the affected code is not present in cri-tools - https://github.com/kubernetes-sigs/cri-tools/issues/1285 ." }, { "vulnerability": { "name": "CVE-2023-39325" }, "timestamp": "2025-07-16T13:20:56.455266584Z", "products": [ { "@id": "pkg:golang/github.com/opencontainers/runc", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Upstream confirmed that the affected code is not present in runc - https://github.com/opencontainers/runc/pull/4244 ." }, { "vulnerability": { "name": "CVE-2023-39325" }, "timestamp": "2025-07-16T13:20:56.53010473Z", "products": [ { "@id": "pkg:golang/github.com/rancher/wins", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:56.604615256Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:56.682579205Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:56.757188481Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:56.830623012Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:56.904637586Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:56.978885621Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.05436631Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.130976913Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.21104488Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.28687373Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.36266317Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.436963905Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.21.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.513307358Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.587392752Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.660992274Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.735907341Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.810722278Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.885709135Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:57.961973237Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.038976272Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.115691916Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.189007297Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.263007701Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.337854568Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.417282472Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.492942202Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.569470695Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.644670873Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.720750104Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.796754966Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.872132354Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:58.947724054Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.022944942Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9@v10.2.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.101867384Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.175648467Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.250649745Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.326477875Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.401981694Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.477264743Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.554390058Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.63067553Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.707881846Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.784494899Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.858108162Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:20:59.9359627Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.011239288Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.086002935Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.163688902Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.23887408Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.314185059Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.39013634Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.466214361Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.543014595Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.620253871Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.695987211Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.772992236Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.849919951Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git@v1.0.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:00.928380281Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.005065035Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.083661355Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.161035442Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.238159087Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.313225225Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.390107159Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.465348497Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.541933051Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.621313584Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.696742223Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.772246103Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.849004757Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:01.92566557Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.001737592Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.078322665Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.154338786Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.229466924Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty@v3.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.306321448Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.381859138Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.457501198Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.53367663Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.609237639Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.683822285Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.760524779Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.837276103Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.911241666Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:02.989335275Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.067207783Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.144212878Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.22030177Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.296949943Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.372404012Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.449125226Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script@v1.0.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.525738939Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.602818095Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.679171257Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.75565326Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.833449228Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.913171683Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:03.989472505Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.066241539Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.143724716Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.220234139Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server@v0.4.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.296886522Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.374027728Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.450862692Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.527065124Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.605024482Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.682446019Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.759150262Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.8370279Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.914675288Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:04.990489058Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler@v0.2.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.068232716Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.144792629Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx@v0.3.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.223813591Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.300127213Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.380642621Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.457937557Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start@v0.4.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.533637527Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.609823779Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.68561868Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.762851465Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.840143941Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.91828654Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:05.995392065Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.072517901Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.148248001Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.223943921Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.302977443Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.379201025Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.455103896Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.530533185Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.606569096Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.68588969Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.763780918Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.839850189Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.917858898Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:06.995942077Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.073731725Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.152112535Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.231223437Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.309838088Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.384376404Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.462656723Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.538478994Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma@v0.4.31", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.616429682Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.692048762Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start@v0.14.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.769646079Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.846554363Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:07.923193317Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.000254632Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets@v0.9.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.076753545Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.154574133Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.230951365Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.306796956Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin@v0.5.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.384727914Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.463154114Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.541507254Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.619677133Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.696233987Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.773154221Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.852024063Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:08.931754978Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.009917707Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.088134476Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.165959284Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.245289488Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.323670828Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.400794043Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.479051112Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.558240346Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.636084373Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.714034452Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.793465546Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.87289801Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:09.954299051Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.034127606Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.114082912Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.190036793Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.267906291Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.345375847Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.422310242Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.498947905Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.577232745Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.658343335Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.737046986Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.81638728Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.892974013Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:10.970744851Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.052862575Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.132001807Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.210273147Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.288048495Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.366006633Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.443327249Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.51926649Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.596883558Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.675653255Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.754170921Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.829817937Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.912426518Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:11.98969401Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.067438703Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.148117688Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.224833777Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.303791065Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.381620178Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.459691143Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.536382092Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.61267479Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.689769391Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.767098852Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.844521604Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:12.921957686Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.000871444Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.078751148Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.156692712Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.235183128Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.311286125Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.38951381Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.469218781Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.547950368Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.625793311Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.702920142Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.781967181Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.859376953Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:13.937878619Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.016492945Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.095108042Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.172492844Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.250760149Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.328973324Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.406119585Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.483885588Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.560900579Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.638329941Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.716524256Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.795526474Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.871889212Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:14.948929993Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.026747306Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.104919141Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.184373771Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.262678326Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.339870967Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.419345667Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.496463208Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.574159701Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.651359002Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.730803312Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.808195314Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.884538212Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:15.962716217Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.042233997Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.120171221Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.198874907Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.277195683Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.357512556Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.436900115Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.515317961Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.593327295Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.670079925Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.754329313Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.831138162Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.907734191Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:16.986327558Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.064997245Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.142259086Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.221027933Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.300150812Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.378320396Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.4561799Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.534442975Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.613465153Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.690793645Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.768638639Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.846738793Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:17.92531305Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.003644575Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.082083061Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.162067013Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.242357336Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.321567164Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.400623423Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.479291069Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.560050264Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.639275453Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.717041246Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.795646353Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.87448642Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:18.953706889Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:19.033268819Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:19.112498008Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:19.193334113Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-39325", "aliases": [ "GHSA-4374-p667-p6c8", "GO-2023-2102" ] }, "timestamp": "2025-07-16T13:21:19.272356131Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955" }, "timestamp": "2025-07-16T13:21:19.352185152Z", "products": [ { "@id": "pkg:golang/github.com/rancher/wins", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.431384541Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.511334223Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.593070631Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.675174361Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.755110052Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.832481474Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.912203425Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:19.992508268Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3955", "aliases": [ "GHSA-q78c-gwqw-jcmc", "GO-2023-2170" ] }, "timestamp": "2025-07-16T13:21:20.070515502Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.150482303Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.229963183Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.30875169Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.38814452Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.469594077Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.550898964Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.62933669Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.709342002Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.790896789Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.871448253Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:20.952569559Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.033391694Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex@v2.37.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.114379169Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.193780259Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.21.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.273811811Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.354762396Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.434149316Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.514225338Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.594698381Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.675633056Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.758595289Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.839234324Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.918712963Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:21.998800426Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.079181289Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.160346895Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.239260062Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.318599812Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.399680638Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.481730717Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.560851956Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.640703437Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.721795223Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.802114686Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.884265706Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:22.964206487Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.042615483Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.122982116Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.203393289Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3@v3.13.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.284387255Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.363933365Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9@v10.2.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.443655346Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.52424563Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.60384796Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.684710975Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.767739338Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.846935787Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:23.926490537Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.006613189Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.088410198Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.167347526Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.248814803Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.329697658Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.409240658Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.48922086Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.569955464Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.650658129Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.731083072Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.812001537Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.892986033Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:24.973727347Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.05392778Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.133739481Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.214063464Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.295898563Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git@v1.0.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.378753695Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.458614216Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.540486605Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.620847088Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.702139805Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.783932533Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.866520785Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:25.948179583Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.030693664Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.112103291Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.194182531Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.276761132Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.357225636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.439704377Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.520315711Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.601265597Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.683564107Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.770234824Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty@v3.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.852787495Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:26.937073963Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.018212179Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.098848794Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.180305541Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.263092383Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.348465735Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.429443711Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.511073028Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.592938917Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.67683173Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.760458466Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.841923403Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:27.923219039Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.006356812Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.088696672Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script@v1.0.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.170006739Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.251673656Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.333952516Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.416281917Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.500000682Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.583365267Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.664588872Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.746402361Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.827790787Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.909483615Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server@v0.4.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:28.993555802Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.077572029Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.160363701Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.242841892Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.325642794Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.407286311Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.488170636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.570358266Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.65129023Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.731952284Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler@v0.2.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.813595682Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.894802898Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx@v0.3.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:29.974654698Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.057779652Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.138827767Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.220768155Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start@v0.4.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.302425833Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.383684579Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.467498995Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.549743045Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.632213376Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.717666758Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.801008712Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.883704264Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:30.968325423Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.052984973Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.136836219Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.221322047Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.303322976Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.387107702Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.4687768Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.550297007Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.634509604Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.717614978Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.800860562Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.882377469Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:31.964074936Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.04715355Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.131390557Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.215233123Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.29925383Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.380654197Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.463480099Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma@v0.4.31", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.548272149Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.629407384Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start@v0.14.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.713350621Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.797470338Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.878482843Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:32.959093797Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets@v0.9.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.042446561Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.123577257Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.206361689Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.288359057Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin@v0.5.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.371037229Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.452230275Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.534779206Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.616226503Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.699471647Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.779279457Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.862151929Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:33.943600206Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.027644983Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.111854891Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.194910144Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.27866628Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.361861603Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.445192707Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.5281098Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.609963828Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.694042555Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.778901835Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.861660177Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:34.948121533Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.031029486Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.113435747Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.195529666Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.278169717Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.359130572Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.440942Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.523746772Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.606023232Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.68778411Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.76995856Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.851987959Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:35.933203285Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.017811684Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.099915004Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.182420914Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.266950953Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.349714775Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.432265546Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.514265915Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.596613546Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.679867809Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.764525899Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.846205416Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:36.928913448Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.012363303Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.0964852Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.180637617Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.264357243Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.348273119Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.43084473Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.513893683Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.595677952Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.677832511Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.760877014Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.844919511Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:37.927982904Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.011924051Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.09394955Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.178202697Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.26126664Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.344984416Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.429507985Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.513687212Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.5978469Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.681120964Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.765173981Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.849296298Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:38.933137104Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.015598845Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.097560733Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.180770047Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.261366921Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.345573818Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.428724372Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.512419977Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.598252031Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.682991771Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.768181762Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.851756377Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:39.935441613Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.018430625Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.10202285Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.184641322Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.268789629Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.352216414Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.434909575Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.519233323Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.601908795Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.685816881Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.768182532Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.851139784Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:40.933135403Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.016524838Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.100388564Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.18437687Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.267854925Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.350125395Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.432690966Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.515764179Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.598642622Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.680743381Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.765800782Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.850330241Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:41.931937648Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.018041953Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.102662452Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.186385288Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.269336431Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.352000902Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.435321426Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.518382259Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.601771844Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.68577825Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.769827167Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.853216252Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:42.935837023Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.018981626Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.101778709Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.186052666Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.268223206Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.350394956Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.43385513Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.516995574Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.60086002Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.683799512Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.766931736Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.851352075Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:43.933370019Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.019874982Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.105127759Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.18617757Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.268859177Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.350524821Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.433933531Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.51715595Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.599247525Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.683326078Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.766768018Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.849917007Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:44.93152784Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.015899074Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.099858457Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.182528534Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.265727313Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.349040203Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.432251962Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.515756773Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.600457368Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.683292336Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.767309099Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.851590492Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:45.935400324Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.018694084Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.101549782Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.188272775Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.271706415Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.355961639Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.440036561Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.523947804Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.607171763Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.689988411Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.776073042Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.859509492Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:46.944341498Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:47.028793892Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:47.113624738Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:47.202859501Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:47.288229759Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-3978", "aliases": [ "GHSA-2wrh-6pvc-2jm9", "GO-2023-1988" ] }, "timestamp": "2025-07-16T13:21:47.373865488Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142" }, "timestamp": "2025-07-16T13:21:47.457526109Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Upstream confirmed that the affected code is not present in cri-tools - https://github.com/kubernetes-sigs/cri-tools/issues/1285 ." }, { "vulnerability": { "name": "CVE-2023-45142" }, "timestamp": "2025-07-16T13:21:47.541444721Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/121338 ." }, { "vulnerability": { "name": "CVE-2023-45142" }, "timestamp": "2025-07-16T13:21:47.625373683Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/121338 ." }, { "vulnerability": { "name": "CVE-2023-45142" }, "timestamp": "2025-07-16T13:21:47.708865294Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/121338 ." }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:47.793607109Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:47.878009103Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:47.962437878Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.046561661Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.129572839Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.21313081Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.295693077Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.381884148Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.467414977Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.552885435Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.639397147Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.723690011Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.809616101Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.896091223Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:48.982695406Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.070267883Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.159289155Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.244899834Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.33219606Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.418349101Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.504355431Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.593005652Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.679746435Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.763733128Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.849599968Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:49.937528436Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.024290179Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.109189565Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.195094235Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.283028813Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.371274303Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.455992268Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.543163973Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.629551025Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.715997867Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.801591346Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.887392256Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:50.974199289Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.061167664Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.147615586Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.234025108Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.31804494Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.405134435Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.490597693Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.574859437Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/gorilla/mux/otelmux@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.659984944Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.747585621Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.832157175Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:51.914952113Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.001151504Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.086485862Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.172451452Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.261151143Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250406", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.346021809Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250420", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.431854239Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250504", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.514580267Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250518", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.599650553Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250601", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.682910263Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250615", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.768573762Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250629", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.8539681Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.37.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:52.937630711Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3@v3.13.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.37.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.022278016Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.108031316Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.26.3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.194014816Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.37.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.281201591Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.368564367Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.37.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.454153396Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.539603834Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.37.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.626367847Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.712268527Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.797173714Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.28.13-build20240910", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.883480835Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:53.969360235Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.054686213Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.141620637Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.22815796Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15-rc1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.31417257Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.403724825Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.489046842Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.576389958Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.664144995Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.752500025Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.83969188Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:54.929132394Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15-rc4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.017098092Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.101622367Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.188147919Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.27407478Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.363428383Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.449384653Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.18-rc.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.535390854Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.7", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.620519321Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.704215492Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.789784171Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.875957992Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:55.963074547Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.050676404Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.137131606Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.22406458Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.31260062Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.401918694Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.487492363Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.573752744Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.660646878Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.750049692Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.836520014Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:56.924949464Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.011346846Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.099072704Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.188183536Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.275490832Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.361473152Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.448257136Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.534106766Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.621305211Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.70710808Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.794283885Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.880783118Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:57.968807836Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.053609122Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.138370627Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.224529419Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.312842838Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.400187924Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.487430889Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.578046238Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.663059874Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.748964874Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.837208564Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:58.925045001Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.013291121Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.101832261Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.188231293Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.273097039Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.360219904Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.447150778Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.53608853Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.622557962Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.709615107Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.796017469Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.884110118Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:21:59.971052192Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.060051276Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.145111724Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.230798025Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.319163327Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.407166877Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.496188722Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.585258727Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.673085107Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.765432966Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.853554797Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:00.941931589Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.032725341Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.121185374Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.211076543Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.299234444Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.385720388Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.472739614Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.563205855Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.650657643Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.738640293Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.824367654Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.912383725Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:01.999899123Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.088736797Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.177851652Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.267961632Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.357955031Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.445837231Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.535101387Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.623250738Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.712016002Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.802296442Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.892590942Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:02.982803542Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.071848617Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.159938588Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.24836223Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.338769941Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.428780861Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.51661547Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.608761529Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.697631663Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.786235936Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.876453546Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:03.964797758Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.056676075Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.147905029Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.237774438Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.329269424Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.422186595Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.511437211Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.602777156Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.692644455Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.782127911Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.869285768Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:04.958027792Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.046971436Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.136342493Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.224444614Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.315264956Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.404499862Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.497504284Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.585351634Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.674895301Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.764120647Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.853107912Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:05.942794169Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.032710708Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/github.com/emicklei/go-restful/otelrestful@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.119371383Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.206892221Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.298948289Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.387270761Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.476482557Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.564605838Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.656305114Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.748369802Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.839962768Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:06.926429442Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.015723088Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.102912725Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.19197304Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.282079Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.370861093Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.460749892Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.552097777Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.644083965Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.73326078Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.821952884Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.911039369Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:07.996184937Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:08.085718334Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:08.173597094Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:08.26281345Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:08.349231983Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:08.437272484Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:08.526340749Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45142", "aliases": [ "GHSA-rcjv-mgp8-qvmr", "GO-2023-2113" ] }, "timestamp": "2025-07-16T13:22:08.614039948Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp@v0.35.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:08.701769957Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-cni", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:08.790770932Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:08.880048398Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:08.968514231Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4@v4.43.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.056597291Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.146872462Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9@v10.2.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.234802572Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.323079943Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.410492461Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.499560086Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.588951553Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.67858147Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.765854188Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.8565822Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:09.947942485Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.03708165Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.126381786Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.214506047Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.303908564Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.3932269Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.482740247Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.572896867Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.662103523Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.751022947Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.840823145Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:10.929132367Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.01781069Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.10568843Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.194441064Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.283191688Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git@v1.0.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.371005637Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.458552466Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.546414266Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.634428086Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.722909209Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.813283319Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.901905613Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:11.993729499Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.086114059Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.177820255Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.268565818Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.35704225Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.447870243Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.537221959Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.628816075Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.717962751Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.807781059Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.896992965Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty@v3.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:12.986483412Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.078213818Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.167106562Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.256074517Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.343820636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.435076651Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.52514785Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.6153281Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.704426105Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.793260929Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.881754872Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:13.971626481Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.061546889Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.150624994Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.240181422Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.328851555Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script@v1.0.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.420623732Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.51047782Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.601873725Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.694493066Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.782943658Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.872831697Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:14.963494449Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.052031672Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.141352188Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.231870049Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server@v0.4.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.322056239Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.413755655Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.50490997Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.593557793Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.684799927Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.773013099Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.863872701Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:15.9539568Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.042948674Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.134057143Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler@v0.2.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.224084109Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.317583045Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx@v0.3.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.409081825Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.500035974Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.587726134Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.676182836Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start@v0.4.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.764809999Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.853686422Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:16.944044669Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.032501792Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.121486405Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.213514967Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.305268368Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.395876895Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.486244013Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.57659375Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.66440082Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.753106573Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.842663428Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:17.932634434Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.022184009Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.110968032Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.199682935Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.290579024Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.381456673Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.472616202Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.562840679Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.652993475Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.74233099Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.832548407Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:18.921181429Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.011465526Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.102111484Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma@v0.4.31", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.192699722Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.282236367Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start@v0.14.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.371961873Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.464328685Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.554354381Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.645060889Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets@v0.9.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.734497594Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.82425687Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:19.913440394Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.004394453Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin@v0.5.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.09470596Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.184866646Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.276901348Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.367124305Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.456088908Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.545969224Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.635513219Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.725397965Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.815597042Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.90625501Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:20.998419342Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:21.089505221Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:21.181413952Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:21.27192629Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:21.361932506Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:21.45086748Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry@v0.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:21.540402865Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-45288", "aliases": [ "GHSA-4v7x-pqxf-cx7m", "GO-2024-2687" ] }, "timestamp": "2025-07-16T13:22:21.629118588Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-46129", "aliases": [ "GHSA-mr45-rx8q-wcm9", "GO-2023-2163" ] }, "timestamp": "2025-07-16T13:22:21.719771916Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/github.com/nats-io/nkeys@v0.4.4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-46129", "aliases": [ "GHSA-mr45-rx8q-wcm9", "GO-2023-2163" ] }, "timestamp": "2025-07-16T13:22:21.809691832Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/nats-io/nkeys@v0.4.4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-46129", "aliases": [ "GHSA-mr45-rx8q-wcm9", "GO-2023-2163" ] }, "timestamp": "2025-07-16T13:22:21.90064633Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.28.13-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/nats-io/nkeys@v0.4.4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:21.991142988Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Manually confirmed after executing govulncheck against https://github.com/k3s-io/containerd/tree/v1.7.21-k3s2" }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.081520545Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in cri-tools - https://github.com/kubernetes-sigs/cri-tools/issues/1285 ." }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.169925077Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in cri-tools - https://github.com/kubernetes-sigs/cri-tools/issues/1285 ." }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.25855583Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Manually confirmed after executing govulncheck against https://github.com/rancher/image-build-rke2-cloud-provider/tree/v1.30.4-build20240910" }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.347065992Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Manually confirmed after executing govulncheck against https://github.com/rancher/image-build-rke2-cloud-provider/tree/v1.31.0-build20240910" }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.439233994Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "RKE2 imports this dependency from upstream Kubernetes which is not affected by this CVE - https://github.com/kubernetes/kubernetes/pull/121842 ." }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.530424984Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "RKE2 imports this dependency from upstream Kubernetes which is not affected by this CVE - https://github.com/kubernetes/kubernetes/pull/121842 ." }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.619938149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Webhook imports this dependency from upstream Kubernetes which is not affected by this CVE - https://github.com/kubernetes/kubernetes/pull/121842 ." }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.710051435Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/121842 ." }, { "vulnerability": { "name": "CVE-2023-47108" }, "timestamp": "2025-07-16T13:22:22.800160002Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/121842 ." }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:22.890267588Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:22.979421962Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.068388636Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.15782326Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.245560861Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.337037411Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.428884802Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.518713588Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.7.27-k3s1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.45.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.610427479Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.701953569Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.792690197Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.882885224Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.3-build20240515", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:23.974487624Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.8-build20240910", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.065069522Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.4-build20240910", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.154700567Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.0-build20240910", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.247483671Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.337997428Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.431789025Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.522855344Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.613071861Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.705998994Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.795343329Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.885104135Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:24.975107581Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.064812556Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.154317371Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.243447735Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.332415469Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.422751696Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.51178224Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.601968516Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.693650097Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.78257016Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.874134121Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:25.964824659Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.056209068Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.151852633Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.243482173Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.336244947Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.427862436Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.51785872Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.607750033Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.699360343Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.792388308Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.886647078Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:26.977666335Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.070423469Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.161677667Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.253105756Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.343487921Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.435313272Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.525481526Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.617019806Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.70725283Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.798186427Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.888902993Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:27.980674954Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.072338644Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.162053256Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.255127551Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.348374747Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.439869216Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.531726477Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.622298743Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.71339472Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.806914297Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.898708928Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:28.994396223Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.089620506Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.178980658Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.270495747Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.361644605Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.453828787Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.547554624Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.640402909Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.732692151Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.824853473Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:29.920000466Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.014020825Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.106357267Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.197637066Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.289850178Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.381785109Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.474639973Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.566109192Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.657752002Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.750152745Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.843660882Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:30.936527656Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:31.028937629Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:31.123792891Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:31.217211248Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.42.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:31.311556328Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:31.40379204Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-47108", "aliases": [ "GHSA-8pgv-569h-w5rw", "GO-2023-2331" ] }, "timestamp": "2025-07-16T13:22:31.494508296Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc@v0.35.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:31.585878605Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:31.6789938Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:31.771651414Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:31.863236194Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:31.957174062Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.052691055Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.148952272Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.24313942Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.335491592Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221010152910-d6f0a8c073c2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.429858821Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.523280577Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221010152910-d6f0a8c073c2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.619917605Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.714896556Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.805597301Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.897319751Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:32.990557846Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.083974691Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex@v2.37.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.175240689Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220829220503-c86fa9a7ed90" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.268184412Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.21.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220829220503-c86fa9a7ed90" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.362704682Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.455235855Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.546893283Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.639056384Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.733342703Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.823168325Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:33.917412024Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.010715139Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.105787621Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.199785289Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.294025988Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.386804581Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.480521557Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.571106782Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.666981647Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.757354531Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.52.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.84909159Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220214200702-86341886e292" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:34.940062667Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.032226228Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.126048645Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.218433246Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.313030987Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.406068381Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.500937912Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio/docs/debugging/inspect", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.594241657Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.688570216Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.783082636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.874371623Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:35.966688795Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.061595316Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.154894321Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.24643144Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.339563744Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.434435395Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.528677824Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.621731398Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.715019234Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.808832171Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.900190198Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:36.993209642Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.086303397Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.179976113Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.272506266Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.364276695Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.456461106Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.55219642Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.645417305Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.738998751Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.836546823Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:37.930776651Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.025162891Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.117624623Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.210116135Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.305450238Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.399208905Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.494374257Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.589017437Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.682723554Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.26.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.774606834Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.868061379Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:38.964187745Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.059309327Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.15188216Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.24387892Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.337860928Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.433519962Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.529374167Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.622680072Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.720041193Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.813401088Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:39.907079405Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.000040719Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.092986372Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.185351614Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.279156061Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.373320249Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.28.13-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.467340958Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.561295705Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.28", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.655724525Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.753347636Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.848044637Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:40.940724679Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.033235852Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry@v0.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.131350105Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.22462859Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.34.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.318209817Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.41379015Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.50837996Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.603952364Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.700331151Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.79197073Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.886131088Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:41.983216408Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.077366396Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.17028639Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.263005093Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.356482709Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.449731094Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.543664971Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.639225085Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.733422614Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.82963069Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:42.924631612Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.019336312Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.113824552Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.208152851Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.30253199Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.397716303Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.493953919Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.588667759Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.13.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.682592727Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.777718559Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.873024202Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:43.967473651Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.063433307Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.15884669Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.254533604Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.348379631Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.44251583Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.537978463Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.633862278Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.728554729Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.82362167Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:44.917713129Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.011232955Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.107473651Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.203062995Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.298719679Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.392872238Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.487337487Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.584463247Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.681245155Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.77436703Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.867370834Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:45.959333974Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.053890614Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.14740311Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.243686246Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.338802488Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.432719726Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.52566756Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.621784176Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.717053978Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.812500792Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:46.908395727Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.00395143Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.099720385Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.195389319Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.291462165Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.38741051Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.482380932Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.574274791Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.668302739Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.76301669Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.856844687Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:47.95215664Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.047428593Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.141944372Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.234853506Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.330675381Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.426814368Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.527382312Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.623697389Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.719681055Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.814564987Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:48.911410797Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.006469279Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.102659266Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.199208835Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.29491645Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.38935784Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.484205592Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.579562845Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.673701604Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.76949358Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.864156781Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:49.959286634Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.054480727Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.151635828Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.244425572Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.337603997Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.431171144Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.526015116Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.620656907Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.714696285Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.812050307Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:50.908025063Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.002626284Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.097573046Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.192497438Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.286300876Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.381211028Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.476557452Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.571101242Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.665835174Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.760310224Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.854490763Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:51.951056302Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.048223412Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.14448905Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.242273823Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.337897027Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.43313772Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.52992555Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.624951652Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.722179873Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.817033645Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:52.912320108Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.007935453Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.103071636Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.199090022Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.294291776Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.389374598Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.485387814Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.580883819Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.676988625Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.771494006Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.867462792Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:53.961853312Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.056801614Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.152948501Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.246875259Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.340715477Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.436305342Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.530031389Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.623623826Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.720781257Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.816201871Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-48795", "aliases": [ "GHSA-45x7-px36-x8w8", "GO-2023-2402" ] }, "timestamp": "2025-07-16T13:22:54.910263Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49290", "aliases": [ "GHSA-7f9x-gw85-8grf", "GO-2023-2379" ] }, "timestamp": "2025-07-16T13:22:55.007481911Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/lestrrat-go/jwx@v1.2.26" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.104621091Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.200489967Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.295563549Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.391544636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.486856089Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.580449586Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.676782854Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.773249612Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.868740806Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:55.963730998Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.061891583Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.156560994Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.251248975Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.347874884Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.443484308Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.536754934Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.631511675Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.728690416Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.824253321Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:56.920141387Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.018379201Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.115197421Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.213382895Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.307371014Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.402551027Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.497127318Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.592742202Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.687638244Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.782839547Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.878945514Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:57.973491995Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.070756566Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.165272876Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.261577624Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.356553636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.453875997Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.550297935Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.645699859Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.74049189Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.835925944Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:58.932115761Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.027593826Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.124737446Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.220325321Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.318721026Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.413684438Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.511975243Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.60800738Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.704980889Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.804355189Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.899485521Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:22:59.995321337Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.092477568Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.191464015Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.286433858Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.383203417Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.482037464Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.582340116Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.680693832Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.779042677Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.876061247Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:00.973570279Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:01.070488448Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:01.166678075Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:01.265178851Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:01.36440944Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:01.462941265Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49568", "aliases": [ "GHSA-mw99-9chc-xw7r", "GO-2024-2466" ] }, "timestamp": "2025-07-16T13:23:01.562431375Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:01.661155192Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:01.761916036Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:01.859850289Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:01.958302755Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.056958931Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.154608624Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.248937114Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.344795639Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.443647006Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.540306935Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.637410245Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.733828363Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.830687093Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:02.926090447Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.022744975Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.118556751Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.214864578Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.313900526Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.412423302Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.510141195Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.607920308Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.706259273Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.801607216Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.898347845Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:03.997126792Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.093941862Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.192469747Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.288838905Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.386434687Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.482629446Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.580028892Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.679092756Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.774369492Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.871342577Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:04.965235476Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.061806769Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.159351895Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.261793445Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.360463447Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.456671578Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.554078984Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.651065709Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.750395604Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.844916887Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:05.94162167Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.039111696Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.135831389Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.233299246Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.335068012Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.432493419Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.529667874Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.627931134Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.727601221Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.827997831Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:06.927129875Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.025310435Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.12452481Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.221231293Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.319280802Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.5.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.418129865Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.516111924Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.61346329Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.710652955Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.809515078Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:07.906651973Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:08.003424007Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:08.100564842Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2023-49569", "aliases": [ "GHSA-449p-3h89-pw88", "GO-2024-2456" ] }, "timestamp": "2025-07-16T13:23:08.198280419Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/go-git/go-git/v5@v5.6.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-0874", "aliases": [ "GHSA-m9w6-wp3h-vq8g", "GO-2024-2785" ] }, "timestamp": "2025-07-16T13:23:08.295173613Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-0874", "aliases": [ "GHSA-m9w6-wp3h-vq8g", "GO-2024-2785" ] }, "timestamp": "2025-07-16T13:23:08.393784035Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220" }, "timestamp": "2025-07-16T13:23:08.491290722Z", "products": [ { "@id": "pkg:golang/github.com/rancher/wins", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.16" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:08.591522511Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:08.688920537Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:08.788010991Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:08.885273187Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:08.982154221Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.08009679Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.179071233Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.281065121Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.7", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.380502927Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.479580371Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.57760761Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.676250542Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.774468592Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.4.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.872027849Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:09.969920077Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-dev.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.068067707Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.167516353Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.263870174Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.362822418Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.459864722Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.55769933Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.655633649Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.753608708Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.853777027Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:10.952004337Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.051663304Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.151609192Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.0-rc.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.250413945Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.347990302Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.446112392Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.0-rc.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.54619869Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.30.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.64439283Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.743155163Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.844828189Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:11.946498785Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.050758864Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.15036394Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.250500779Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.26.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.349400552Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.447969154Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.546185344Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.644423204Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.744485833Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v4.0.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.843983979Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:12.945497554Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.045625803Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.145065369Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.244115983Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.34380162Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.443804368Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.54237329Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.640270838Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.739879885Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.837838684Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:13.935429371Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.037413609Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.135606059Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.233919149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.333985718Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.433593454Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.533918114Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.633701962Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.731892891Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.832228161Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:14.932420511Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.031000142Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.128290708Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.228198886Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6-rc2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.326973989Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.423655642Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.522567985Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.621554729Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.720258671Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.81824447Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:15.916910642Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.18-rc.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.015470863Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.7", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.112570088Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.10", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.212618047Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.10-rc.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.30927344Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.10-rc.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.406299874Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.10-rc.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.502220483Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.11-rc.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.59974399Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.9", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.701478737Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.802872082Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.5.9-rc.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:16.900314028Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:17.000194886Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:17.101723931Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:17.20389811Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:17.304429375Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:17.402214874Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.15.4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-10220", "aliases": [ "GHSA-27wf-5967-98gx", "GO-2024-3286" ] }, "timestamp": "2025-07-16T13:23:17.501715419Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.15.6", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:17.603162202Z", "products": [ { "@id": "pkg:oci/k3s-upgrade?repository_url=index.docker.io/rancher/k3s-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:17.703108939Z", "products": [ { "@id": "pkg:oci/k3s-upgrade?repository_url=index.docker.io/rancher/k3s-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:17.804359431Z", "products": [ { "@id": "pkg:oci/k3s-upgrade?repository_url=registry.rancher.com/rancher/k3s-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:17.904485879Z", "products": [ { "@id": "pkg:oci/k3s-upgrade?repository_url=registry.rancher.com/rancher/k3s-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.007414888Z", "products": [ { "@id": "pkg:oci/klipper-helm?repository_url=index.docker.io/rancher/klipper-helm", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.108938501Z", "products": [ { "@id": "pkg:oci/klipper-helm?repository_url=index.docker.io/rancher/klipper-helm", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.211688189Z", "products": [ { "@id": "pkg:oci/klipper-helm?repository_url=registry.rancher.com/rancher/klipper-helm", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.314929779Z", "products": [ { "@id": "pkg:oci/klipper-helm?repository_url=registry.rancher.com/rancher/klipper-helm", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.416671663Z", "products": [ { "@id": "pkg:oci/klipper-lb?repository_url=index.docker.io/rancher/klipper-lb", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.517386324Z", "products": [ { "@id": "pkg:oci/klipper-lb?repository_url=index.docker.io/rancher/klipper-lb", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.621400057Z", "products": [ { "@id": "pkg:oci/klipper-lb?repository_url=registry.rancher.com/rancher/klipper-lb", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.722082787Z", "products": [ { "@id": "pkg:oci/klipper-lb?repository_url=registry.rancher.com/rancher/klipper-lb", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.823291199Z", "products": [ { "@id": "pkg:oci/local-path-provisioner?repository_url=index.docker.io/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:18.925437934Z", "products": [ { "@id": "pkg:oci/local-path-provisioner?repository_url=index.docker.io/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:19.031163384Z", "products": [ { "@id": "pkg:oci/local-path-provisioner?repository_url=registry.rancher.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:19.137220165Z", "products": [ { "@id": "pkg:oci/local-path-provisioner?repository_url=registry.rancher.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:19.242281572Z", "products": [ { "@id": "pkg:oci/rke2-upgrade?repository_url=index.docker.io/rancher/rke2-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:19.34512444Z", "products": [ { "@id": "pkg:oci/rke2-upgrade?repository_url=index.docker.io/rancher/rke2-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:19.450505549Z", "products": [ { "@id": "pkg:oci/rke2-upgrade?repository_url=registry.rancher.com/rancher/rke2-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libcrypto3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-12797" }, "timestamp": "2025-07-16T13:23:19.553037036Z", "products": [ { "@id": "pkg:oci/rke2-upgrade?repository_url=registry.rancher.com/rancher/rke2-upgrade", "subcomponents": [ { "@id": "pkg:apk/alpine/libssl3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_cannot_be_controlled_by_adversary" }, { "vulnerability": { "name": "CVE-2024-21626" }, "timestamp": "2025-07-16T13:23:19.653685466Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/123060 ." }, { "vulnerability": { "name": "CVE-2024-21626" }, "timestamp": "2025-07-16T13:23:19.754850988Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/123060 ." }, { "vulnerability": { "name": "CVE-2024-21626" }, "timestamp": "2025-07-16T13:23:19.855401047Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed that the affected code is not present in Kubernetes - https://github.com/kubernetes/kubernetes/pull/123060 ." }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:19.959936062Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.061384215Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.164263704Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.265831377Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/integration/client", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.36713522Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.468938774Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin@v3.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.570547309Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.672088422Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.771374106Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.872985899Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:20.972077022Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:21.072142499Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:21.172527127Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21626", "aliases": [ "GHSA-xr7r-f8xq-vfvv", "GO-2024-2491" ] }, "timestamp": "2025-07-16T13:23:21.272886305Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.7" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21664", "aliases": [ "GHSA-pvcr-v8j8-j5q3", "GO-2024-2454" ] }, "timestamp": "2025-07-16T13:23:21.375927825Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/github.com/lestrrat-go/jwx@v1.2.26" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21664", "aliases": [ "GHSA-pvcr-v8j8-j5q3", "GO-2024-2454" ] }, "timestamp": "2025-07-16T13:23:21.475959452Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/github.com/lestrrat-go/jwx@v1.2.26" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-21664", "aliases": [ "GHSA-pvcr-v8j8-j5q3", "GO-2024-2454" ] }, "timestamp": "2025-07-16T13:23:21.576124799Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/lestrrat-go/jwx@v1.2.26" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23650", "aliases": [ "GHSA-9p26-698r-w4hx", "GO-2024-2492" ] }, "timestamp": "2025-07-16T13:23:21.676276226Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23650", "aliases": [ "GHSA-9p26-698r-w4hx", "GO-2024-2492" ] }, "timestamp": "2025-07-16T13:23:21.774967747Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23650", "aliases": [ "GHSA-9p26-698r-w4hx", "GO-2024-2492" ] }, "timestamp": "2025-07-16T13:23:21.878778801Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23650", "aliases": [ "GHSA-9p26-698r-w4hx", "GO-2024-2492" ] }, "timestamp": "2025-07-16T13:23:21.978984528Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23651", "aliases": [ "GHSA-m3r6-h7wv-7xxv", "GO-2024-2493" ] }, "timestamp": "2025-07-16T13:23:22.082215339Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23651", "aliases": [ "GHSA-m3r6-h7wv-7xxv", "GO-2024-2493" ] }, "timestamp": "2025-07-16T13:23:22.182313466Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23651", "aliases": [ "GHSA-m3r6-h7wv-7xxv", "GO-2024-2493" ] }, "timestamp": "2025-07-16T13:23:22.283140096Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23651", "aliases": [ "GHSA-m3r6-h7wv-7xxv", "GO-2024-2493" ] }, "timestamp": "2025-07-16T13:23:22.382788191Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23652", "aliases": [ "GHSA-4v98-7qmw-rqr8", "GO-2024-2494" ] }, "timestamp": "2025-07-16T13:23:22.482958318Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23652", "aliases": [ "GHSA-4v98-7qmw-rqr8", "GO-2024-2494" ] }, "timestamp": "2025-07-16T13:23:22.582611743Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23652", "aliases": [ "GHSA-4v98-7qmw-rqr8", "GO-2024-2494" ] }, "timestamp": "2025-07-16T13:23:22.683458074Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23652", "aliases": [ "GHSA-4v98-7qmw-rqr8", "GO-2024-2494" ] }, "timestamp": "2025-07-16T13:23:22.784419705Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23653", "aliases": [ "GHSA-wr6v-9f75-vh2g", "GO-2024-2497" ] }, "timestamp": "2025-07-16T13:23:22.882867534Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23653", "aliases": [ "GHSA-wr6v-9f75-vh2g", "GO-2024-2497" ] }, "timestamp": "2025-07-16T13:23:22.981718176Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.11.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23653", "aliases": [ "GHSA-wr6v-9f75-vh2g", "GO-2024-2497" ] }, "timestamp": "2025-07-16T13:23:23.08132569Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-23653", "aliases": [ "GHSA-wr6v-9f75-vh2g", "GO-2024-2497" ] }, "timestamp": "2025-07-16T13:23:23.180831885Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/buildkit@v0.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.281812306Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.382832967Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.15.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.48424439Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.3+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.586685117Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.687427157Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.787506974Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.887582421Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:23.991860626Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.092714177Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.197734986Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.29946271Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.401097934Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.6.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.504909887Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.606946963Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.711292389Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.809573948Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:24.90874931Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.008824267Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.111780977Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.211440332Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.314106641Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.418051595Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.521432056Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.62312421Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.72388303Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.827589683Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:25.930974875Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.032252917Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.13354939Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.233703727Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.336082894Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.437571877Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.540691798Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.643248326Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.743960145Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.846137462Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:26.945743866Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.048035523Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.153315273Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.253531531Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.357101703Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.459991753Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.561644207Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.662199586Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.764343422Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.863940086Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:27.965712471Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.069743235Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.169723052Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.271406296Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.374718577Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.476689963Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.579273191Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.683622287Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.787013308Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.889772427Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:28.992033034Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.095332885Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.196383686Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.296747534Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.39887686Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.500412994Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.604599769Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.706950026Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.810509899Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:29.917064914Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.019297621Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.118679795Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.220040357Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.325267997Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.426121887Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.530064502Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.631781946Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.736672564Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.840527148Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:30.94620666Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.047673293Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.151845488Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.254780708Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.355714638Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.458921929Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.55987077Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.662147437Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.762907827Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.864794592Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:31.968152383Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.074393418Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.23+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.178463352Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.2+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.281810374Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.0+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.385985189Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.23+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.492600145Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.2+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.595620995Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.0+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.698374154Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.23+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.801044672Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.2+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:32.905900121Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.0+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.011226981Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.118932942Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.223516639Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.327294932Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.43217142Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.536493226Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.646356187Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.751137795Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.857947152Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:33.964053926Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.068845194Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.173936493Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.277409315Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.38377051Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.489287331Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.594164509Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.700576094Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.6", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.805941025Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:34.91006862Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.8", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.015220769Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.12282249Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.227594878Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.331928174Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.43636668Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.540202494Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.645637514Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.750042691Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.857021438Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:35.963717205Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.067522688Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.173948812Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.278804924Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.382794723Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.489771413Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.595163007Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.702195718Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.805372663Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:36.91142519Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.016130081Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.121122294Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.226827189Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.329465042Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.434712266Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.541824457Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.645345363Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.74871087Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.852127226Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:37.9576215Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.065368014Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.170237636Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.275860271Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.380457542Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.485747406Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.589831214Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0-rc9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.698939633Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.805876873Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:38.910349314Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.016037789Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.122719618Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.228143682Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.334675491Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.438239348Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.545161038Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.12.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.651509686Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.756758689Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.861425601Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:39.968516102Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.076898257Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.182854834Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.284321572Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.390374249Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.497906321Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.604236599Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.708514789Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.814563656Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:40.921130084Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.023508787Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.12861087Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.235042168Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.341632247Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.445604595Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.550137776Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.654055794Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.759104157Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.13.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.863554607Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:41.969591764Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24557", "aliases": [ "GHSA-xw73-rw38-6vjc", "GO-2024-2512" ] }, "timestamp": "2025-07-16T13:23:42.078224441Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.18734028Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.292050821Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.394579154Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.498700643Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.603471085Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.706892251Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.809603485Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:42.913312332Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.016126616Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.118218317Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.220289918Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.322105638Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.424051289Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.526932123Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.628422232Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.731483357Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.8340421Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:43.938031398Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.046408664Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.150774524Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.25416198Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.357462166Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.460944843Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.563286335Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.66630073Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.769196384Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.869681449Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:44.973242636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.075485597Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.179999668Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.284129437Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.38915972Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.4934625Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.599107725Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.704142607Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.807869055Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:45.91088776Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.01535967Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.118607636Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.222918296Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.326090031Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.433041221Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.537967134Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.639965204Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.74317419Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.848649344Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:46.953312916Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.060261336Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.165123038Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.268648865Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.374661211Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.479413893Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.586485773Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.690109231Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.793117415Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:47.896945313Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:48.001109933Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:48.105862674Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:48.210525695Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24579", "aliases": [ "GHSA-hpxr-w9w7-g4gv", "GO-2024-2490" ] }, "timestamp": "2025-07-16T13:23:48.315479858Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/anchore/stereoscope@v0.0.0-20230412183729-8602f1afc574" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:48.419401486Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:48.525128772Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:48.63165722Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:48.734787065Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.29.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:48.840546861Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.29.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:48.945979575Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.049672243Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/integration/client", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.157547496Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.262085847Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.365791065Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.471090488Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.575334448Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.680610331Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.21.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.785406553Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.889109651Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.24", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:49.994148303Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.099857899Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.6.7", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.202734573Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.308194847Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.412001735Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.517357679Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.623559526Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.726669572Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.830177768Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:50.934212607Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.038282136Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.145329507Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.250817361Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.7", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.356566337Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.463900298Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.57115454Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.675980902Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.780332352Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.885890956Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:51.990755288Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.097771959Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.205523122Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.312045591Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.417051693Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.522548718Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.62999361Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.735101383Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.838460979Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:52.943573142Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin@v3.6.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.047870572Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.153894349Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.260962322Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.365629985Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.470862661Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-provisioner", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.577359012Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-resizer", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.681093031Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.784053678Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.889105733Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:53.995399783Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v7", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.103859042Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/livenessprobe", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.208708286Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/node-driver-registrar", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.31357107Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.416868688Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.524956275Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.8.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.629227517Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.733803951Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.840490392Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:54.946129719Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.051108854Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.155648917Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.261521745Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.36904732Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.473278942Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.578279067Z", "products": [ { "@id": "pkg:golang/github.com/opencontainers/runc", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.683005151Z", "products": [ { "@id": "pkg:golang/github.com/opencontainers/runc@v1.1.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.786747041Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:55.891896466Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.000134674Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.105078008Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.210287464Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.316402843Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.424222059Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.527460757Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.633075444Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.740076187Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.844042418Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:56.949526304Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.053972057Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.161350041Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.265702984Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.369342503Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.475384452Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.578764291Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.68497604Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.790149236Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:57.893884466Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.002561945Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.10760823Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.213290117Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.316759606Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.427422043Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.533761864Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.638672138Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.742048717Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.848696418Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:58.953295871Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.061105147Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.165151538Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.268801568Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.375265518Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.480728805Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.586621793Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.690277013Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.796694053Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:23:59.901877429Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.008880462Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.115273342Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.22110251Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.328201713Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.433097857Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.538078922Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.645030994Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.753013661Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.8614835Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:00.969532166Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.078777138Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.188734572Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.295048822Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.400628909Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.503524156Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.610676039Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.715839915Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.821728623Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:01.928787246Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.035008596Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.143160033Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.249185812Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.357036008Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.464505383Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.569462687Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.673138187Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.778152952Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.88400935Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:02.991290044Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.27.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.097407813Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.202184537Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.7.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.306258938Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.414337035Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.520657335Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1-rc2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.62565901Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.730627095Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.835824361Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:03.940346424Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.046175002Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.156390287Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.28", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.264026422Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.373917387Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.482267055Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.588498394Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.695410957Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.798988516Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:04.90366105Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.007973872Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.112890166Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.221630306Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6-rc2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.327419834Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.43270134Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.538036066Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.644262766Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.749761772Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.855659591Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:05.959368301Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.066937446Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.176378628Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.288672512Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.394164638Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.498880012Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.60468955Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.714014102Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.820105181Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:06.925349457Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.030615733Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.135506167Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.240363592Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.344490343Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.452776231Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.559255932Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.663983055Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.768828979Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.875712482Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:07.9815748Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.088665253Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.195981137Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.301846205Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.4092687Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/raft/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.514598436Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/raft/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.622748023Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/raft/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.729220204Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/raft/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.83457487Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/raft/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:08.941856024Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.04709433Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.152840678Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.261028495Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.369408283Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.27.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.474788521Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.579408218Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.0.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.687709179Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.795879681Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:09.903456269Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.13.3", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.010021244Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.117304312Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.224143338Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.329982689Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.435278209Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.544337544Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.649844374Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.755571536Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.862585932Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:10.967810042Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.072339578Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.179991557Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.287931718Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.394171691Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.500691506Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.609356979Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.714873859Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.824183265Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:11.930021297Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.035044205Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.142710994Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.25206626Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.359250908Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.466424605Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.575327559Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.684754165Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.792688745Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:12.900327014Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.00968026Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.116351565Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.222545759Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.328816902Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.436608822Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.548359767Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.65702101Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.765636343Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.875558141Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:13.983729152Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.092714337Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.199568473Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.308660868Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.417852483Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.526609656Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.6354664Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.744020383Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.850364937Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:14.96167598Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.069790541Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.1798719Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.289639937Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.399633966Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.509744535Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.61895785Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.729086889Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.836804198Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:15.94512316Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.05309959Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.162250735Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.269177422Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.376052598Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.483983288Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.592573891Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.699496557Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.80814885Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:16.916615922Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.025777027Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.136707629Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.249211638Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.355822533Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.46564252Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.575307547Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.685075645Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.790130784Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:17.903890877Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.011636017Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.12286497Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.232696888Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.342171414Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.450755517Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.562108171Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.671740288Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.780871193Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:18.892398317Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.001757803Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.110355206Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.220049363Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.328249254Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.435840753Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.544639207Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.656935474Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.765206316Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.870616266Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:19.979977692Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.088685085Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.197440669Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.304275695Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.413369749Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.520253235Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.627586233Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.734395079Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.839667668Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:20.949216455Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.059167093Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.167264884Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.278509738Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.384238669Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.492226349Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.59781088Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.702563938Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.809690955Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:21.91649237Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.02676514Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.132513301Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.239273947Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.346154823Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.456685153Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.5635897Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.669781273Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.777869664Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.885757114Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:22.991332704Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.097943349Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.207151115Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.317020593Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.425062143Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.536401217Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.643933876Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.752319978Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.861043931Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:23.971897593Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.081120618Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.189107458Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.296437796Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.412042757Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.518512442Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.627249115Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.738646879Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.848094215Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:24.957680292Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.068729185Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.177101216Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.286962114Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.397066723Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.504720332Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.61213189Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.722568322Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.830662277Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:25.937655467Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.045961283Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.158367745Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.267252614Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.376282622Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.482773131Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.590961596Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.699584813Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.80799122Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:26.916601677Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.02422131Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.134528004Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.244257255Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.354346608Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.465900467Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.573580451Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.684614818Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.794231269Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:27.907931256Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.01816818Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.127925792Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.238729918Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.349931245Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.460792511Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.572649321Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.683315797Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.794476214Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:28.902548619Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.011486667Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.121864792Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.229708966Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.342027028Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.449783781Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.560086955Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.669039674Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.777734201Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.887682354Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:29.997411955Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.104850398Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.215355002Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.32652025Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.437202105Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.547506469Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.655168562Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.76638678Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.875369048Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:30.98498563Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:31.092830374Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:31.204167092Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:31.316899645Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-24786", "aliases": [ "GHSA-8r3f-844c-mc37", "GO-2024-2611" ] }, "timestamp": "2025-07-16T13:24:31.427085169Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/google.golang.org/protobuf@v1.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:31.540135394Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:31.651472172Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:31.759653887Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:31.872713252Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:31.984945234Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.09828995Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.210793833Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.325273763Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.439160462Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.554736077Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.668143933Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.777704144Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:32.892595247Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.008751884Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.11959104Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.233653699Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.353966803Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.4", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.463291023Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.573743358Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.6", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.685989579Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.7", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.79539429Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.8", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:33.904164137Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:34.017189152Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:34.127740937Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:34.238624113Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:34.350185523Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:34.463725699Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:34.574233574Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-25620", "aliases": [ "GHSA-v53g-5gjp-272r", "GO-2024-2554" ] }, "timestamp": "2025-07-16T13:24:34.686629267Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:34.800754526Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:34.913109378Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.024129345Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.133917907Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.245654586Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.358051769Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.468795494Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.58207833Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.694113961Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.806759594Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:35.918483874Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.028016035Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.137267734Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.25055208Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.364140197Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.477777995Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.590675549Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.701970137Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.4", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.815465264Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:36.929378382Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.6", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.041423123Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.7", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.153713865Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.8", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.266335828Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.377367475Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.48795737Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.600561933Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.711282879Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.827017765Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:37.939376177Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:38.0518886Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:38.163175408Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-26147", "aliases": [ "GHSA-r53h-jv2g-vpx6", "GO-2024-2575" ] }, "timestamp": "2025-07-16T13:24:38.275828141Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.12.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28122", "aliases": [ "GHSA-hj3v-m684-v259", "GO-2024-2632" ] }, "timestamp": "2025-07-16T13:24:38.386161185Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/lestrrat-go/jwx@v1.2.26" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28122", "aliases": [ "GHSA-hj3v-m684-v259", "GO-2024-2632" ] }, "timestamp": "2025-07-16T13:24:38.495485635Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/lestrrat-go/jwx@v1.2.28" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:38.607079204Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:38.71796904Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:38.826973249Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:38.937269543Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.048080979Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.15.5", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.158915205Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.5.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.269823751Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.380566187Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.492053686Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex@v2.37.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.607789051Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex@v2.37.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.720718266Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.834805245Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:39.94776702Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.059290228Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.24", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.170769217Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.284400044Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.397498559Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.50951149Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.622080003Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.732476887Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.13+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.842576061Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.13-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:40.953324406Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.14+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.064845275Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.14-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.176884066Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.10+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.287661412Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.10-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.398273167Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.508504281Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.619356267Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.9+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.73202343Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.9-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.841999973Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:41.95268256Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.062405589Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.5+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.171890858Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.5-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.281201426Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.6+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.390960256Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.6-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.503077875Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.5.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.610164534Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.719222071Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.5.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.830731218Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.6", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.5.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:42.938482149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.7", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.5.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.054804996Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.169917627Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.281818936Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.397047718Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.513342065Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.625136433Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0-rc9", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.738852408Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.12.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.854809464Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:43.970388157Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.088637402Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.203615853Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.319589808Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.435433553Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.548467636Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.660418284Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.773341777Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.885265666Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:44.998951242Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.114091593Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15-rc4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.227569648Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.339766008Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.454169277Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.570263162Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.684238789Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.796755941Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:45.910035975Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.023037468Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.135308858Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.251914345Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.366549215Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.481963748Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.597368501Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.712663763Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.829824633Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:46.944104112Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.060478818Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.178601943Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.293295482Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.407681321Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.521598068Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.635313564Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.748528668Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.859831124Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:47.97363282Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.086661143Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.202562328Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.31294133Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.429131626Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/go-jose/go-jose/v3@v3.0.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.543025133Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.657919534Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.76930426Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.880944108Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:48.994339002Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.109917476Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.225178268Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.338826154Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.453856615Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.568665695Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.681170476Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.793672817Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:49.905327695Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.02120654Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.13587557Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.248546321Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.36062002Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.474404057Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.587035048Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.701060075Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.81449544Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:50.927406043Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.039208871Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.152777626Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.266752043Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.381521013Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.496304004Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.611038034Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.721764448Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.835452463Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:51.947051561Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.063039166Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.177488065Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.292079094Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.40581936Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.521361684Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.640883233Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.756776418Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.870778206Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:52.986235269Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.105316216Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.221183891Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.341518784Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.45997584Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.577087469Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.69435597Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.812777345Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:53.929095572Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.04569577Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.163776763Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.285866634Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.402972343Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.518183855Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.637432854Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.754115522Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.873555992Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:54.993214822Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.110617903Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.225926345Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.342459793Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.459947454Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.576395441Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.693580611Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.810027819Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:55.925677963Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.040009501Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.15437717Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.27170598Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.397297945Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.512722868Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.630587991Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.750327071Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.867787003Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:56.984595021Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.099313281Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.217370165Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.33566005Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.452149957Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.571178235Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.687615302Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.805394494Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:57.921827602Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.041098501Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.157807142Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.275113137Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.394221914Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.513213849Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.630585625Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.747599608Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.864893293Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:58.980472797Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.093912787Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.208603505Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.325242756Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.441831677Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.561437846Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.681831661Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.800484554Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:24:59.918458344Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.035861239Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.153285525Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.26910176Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.388077036Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.505978085Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.623988214Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.742443467Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.861394432Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:00.981323854Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.101424866Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.220780304Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.340156022Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.45946211Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.577356149Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.698511308Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.817492864Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:01.937166614Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.057066505Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.174779323Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.291891837Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.409815196Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.529937628Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.648513471Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.768326622Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:02.889549932Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:03.009246022Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:03.130506052Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:03.249324157Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-28180", "aliases": [ "GHSA-c5q2-7r4c-mv6g", "GO-2024-2631" ] }, "timestamp": "2025-07-16T13:25:03.368197052Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/gopkg.in/square/go-jose.v2@v2.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:03.489918135Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:03.607848994Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:03.727685735Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:03.850549065Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:03.970418167Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.090410209Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.213881133Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.333868535Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.453809716Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.570619958Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.69209559Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.813072798Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-31420", "aliases": [ "GHSA-vjhf-6xfr-5p9g", "GO-2024-2688" ] }, "timestamp": "2025-07-16T13:25:04.932043494Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.05121254Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.168646029Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.284482189Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.403559942Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.522446623Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.643598885Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.7", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.9" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.764721646Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:05.885458405Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.24.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.001208314Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.116831433Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.239904892Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.4.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.358037561Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.475788419Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-dev.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.593982228Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.713655763Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.832180924Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:06.950974195Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.068491731Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.189512852Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.304193177Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.422292596Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.539679622Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.657806021Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.13" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.775742129Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:07.892800573Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.008579503Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.125386977Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.244312689Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.361336153Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.5" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.47909306Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.596973978Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.715320098Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.26.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.832818935Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.0", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:08.95005944Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.067690617Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.186736549Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.306445075Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.425268017Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.541129886Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.66302665Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.780964669Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:09.895036721Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.017153136Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.138482038Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.260022551Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.37819423Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.497617564Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.618098023Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.739374374Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.85684583Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:10.976910287Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6-rc2", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.095606509Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.218265006Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.338119982Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.25.12" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.455122066Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.576424758Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.695955592Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.18-rc.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.812085373Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.7", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.6" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:11.930810855Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.10" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:12.049317845Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:12.169308202Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:12.28989995Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-3177", "aliases": [ "GHSA-pxhw-596r-rwq5", "GO-2024-2746" ] }, "timestamp": "2025-07-16T13:25:12.407179126Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.15.4", "subcomponents": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:12.523810539Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:12.641015414Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:12.762365816Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:12.879480311Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:12.996781166Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.118909511Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.238734617Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.357951821Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.479521263Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.598437376Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.716115953Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.838429959Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-33394", "aliases": [ "GHSA-4q63-mr2m-57hf", "GO-2024-2816" ] }, "timestamp": "2025-07-16T13:25:13.959133668Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/kubevirt.io/kubevirt@v0.54.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-35255", "aliases": [ "GHSA-m5vv-6r4h-3vj9", "GO-2024-2918" ] }, "timestamp": "2025-07-16T13:25:14.075727901Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-35255", "aliases": [ "GHSA-m5vv-6r4h-3vj9", "GO-2024-2918" ] }, "timestamp": "2025-07-16T13:25:14.196357431Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-35255", "aliases": [ "GHSA-m5vv-6r4h-3vj9", "GO-2024-2918" ] }, "timestamp": "2025-07-16T13:25:14.311895275Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/Azure/azure-sdk-for-go/sdk/azidentity@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:14.432751571Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:14.546997049Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:14.668589189Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:14.783665051Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:14.90045713Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:15.023297304Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:15.141012457Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:15.262470736Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:15.380640131Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:15.496843397Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:15.614228039Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36621", "aliases": [ "GHSA-2mj3-vfvx-fc43", "GO-2024-3304" ] }, "timestamp": "2025-07-16T13:25:15.7338514Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:15.848563261Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:15.963613172Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.085381522Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.204949623Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.326435162Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.445750882Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.565411243Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.685407965Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.804064702Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:16.9204483Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:17.038315683Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-36623", "aliases": [ "GHSA-gh5c-3h97-2f3q", "GO-2024-3305" ] }, "timestamp": "2025-07-16T13:25:17.157176411Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v1.4.2-0.20170731201646-1009e6a40b29" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110" }, "timestamp": "2025-07-16T13:25:17.273192847Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Manually confirmed after executing govulncheck against https://github.com/rancher/image-build-crictl/tree/v1.30.1-build20240910" }, { "vulnerability": { "name": "CVE-2024-41110" }, "timestamp": "2025-07-16T13:25:17.389312723Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110" }, "timestamp": "2025-07-16T13:25:17.507498128Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Manually confirmed after executing govulncheck against https://github.com/rancher/image-build-rke2-cloud-provider/tree/v1.30.4-build20240910" }, { "vulnerability": { "name": "CVE-2024-41110" }, "timestamp": "2025-07-16T13:25:17.623957226Z", "products": [ { "@id": "pkg:golang/github.com/rancher/wins", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110" }, "timestamp": "2025-07-16T13:25:17.74191295Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Please see upstream issue https://github.com/helm/helm/pull/13226" }, { "vulnerability": { "name": "CVE-2024-41110" }, "timestamp": "2025-07-16T13:25:17.857915446Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Please see upstream issue https://github.com/helm/helm/pull/13226" }, { "vulnerability": { "name": "CVE-2024-41110" }, "timestamp": "2025-07-16T13:25:17.976472973Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Please see upstream issue https://github.com/helm/helm/pull/13226" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.094278066Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.213732376Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.330854987Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.452237335Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.568827673Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.68732108Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.807800354Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.15.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:18.923929531Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.040962441Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.162722401Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.3+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.282173541Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.402031993Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.519278374Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.638262932Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.758881358Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.879432443Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:19.997423567Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.11751474Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.236789209Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.356522181Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.6.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.475963161Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.591963747Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.710254192Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.828280217Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:20.944596894Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.061828205Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.180517822Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.296753519Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.41415759Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.530216276Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.30.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.0.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.648448032Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.768127223Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:21.884847522Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.001135179Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/github.com/moby/moby@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.116932024Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.235290099Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.355563763Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.47182452Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.587191593Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.710431479Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.829300317Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:22.944205848Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.065302116Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.186256072Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.3-0.20221013203545-33ab36d6b304+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.302251008Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.418060093Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.534948883Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.652277464Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.770223888Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:23.891670167Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.011408558Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.129026571Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.245493178Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.362322988Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.478921626Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.597926395Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.715639858Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.832461017Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:24.951686106Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.070802665Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.19384337Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.316451354Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.433664465Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.553345536Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.673281958Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.791486623Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:25.911276575Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.028475316Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.145507966Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.262112734Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.382236128Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.500079231Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.618869369Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.740057176Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.858319421Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:26.976177195Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.09424434Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.214447583Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.331185662Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.45016145Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.565759804Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.685926798Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.804401224Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:27.923880094Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.040502943Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.156474878Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.277129454Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.39315708Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.510408781Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.630918655Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.748301857Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.866385992Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:28.986387244Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.105188962Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.227173413Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.23+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.349120023Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.2+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.467954721Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.0+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.58706835Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.3+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.704706593Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.23+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.824425984Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.2+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:29.943134731Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.0+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.062839743Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.53.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.3+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.181124458Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.23+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.30414139Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.2+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.423877121Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.50.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.0+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.541695392Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.53.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.3+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.663577394Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.782632421Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:30.903206176Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.02140233Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.1410385Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.265820456Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.387694077Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.50577293Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.625740952Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.744197416Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.861737896Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:31.984562682Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.107166107Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.227876983Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.350364827Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.473723676Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.594832513Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.6", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.717484669Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.837099839Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.8", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:32.957804574Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.077802966Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.194305961Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.314799036Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.43122816Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.550609429Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.66828576Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.788186832Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:33.908074833Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.16+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.028601198Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v23.0.11+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.150080327Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.272949284Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.3-build20240515", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.392601134Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.8-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.509948883Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.4-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.628709179Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.0-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.749096103Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.866216731Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:34.985240458Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.10513759Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.225405113Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.344956083Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.464566293Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.586132863Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.4-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.708866669Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.828905631Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.5-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:35.953693317Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.074386982Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.6-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.19743764Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.320261726Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.10.7-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.443989456Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.56424502Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.0-rc9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.685611118Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.80561881Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:36.925226611Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.043854566Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.164682522Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.286181692Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.2-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.410451545Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.529486822Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.11.3-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.651245163Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.12.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.773261175Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:37.896063291Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.017016248Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.138746408Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.15-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.260533239Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.38220032Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.503188687Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.25+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.625172719Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.747938054Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.10-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.870805061Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:38.992785633Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.113288837Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.233628051Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.9-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.352821169Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.10-0.20240723193628-852759a7df45+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.472740301Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.10-0.20240723193628-852759a7df45+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.594000009Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.10-0.20240723193628-852759a7df45+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.71365776Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.10-0.20240723193628-852759a7df45+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.834949478Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15-rc4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.10-0.20240723193628-852759a7df45+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:39.954100766Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.07243058Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.193830059Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.309907252Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.428884089Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.547128352Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.21+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.665380756Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.784458053Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:40.904889367Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.021460973Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.13.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.13856014Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.0", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.259447187Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.9+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.37752763Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.2", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.496602897Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.3", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.61475419Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v24.0.7+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.735553536Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v25.0.5+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.853506058Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:41.973855052Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.24+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:42.093761894Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v20.10.27+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-41110", "aliases": [ "GO-2024-3005" ] }, "timestamp": "2025-07-16T13:25:42.215131453Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/docker/docker@v26.1.4+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:42.333876099Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Manually confirmed that it's a false-positive." }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:42.454065672Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:42.572819177Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:42.691837595Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Confirmed by manually executing govulncheck against the modsync version as executed in https://github.com/rancher/image-build-rke2-cloud-provider/actions/runs/12565669634/job/35030204785" }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:42.811746326Z", "products": [ { "@id": "pkg:golang/github.com/rancher/wins", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:42.931297516Z", "products": [ { "@id": "pkg:golang/github.com/rancher/wins", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:43.05152249Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Manually confirmed that it's a false-positive." }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:43.171062549Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed as false-positive in https://github.com/kubernetes/kubernetes/issues/129164 and manually double checked too." }, { "vulnerability": { "name": "CVE-2024-45337" }, "timestamp": "2025-07-16T13:25:43.291080727Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Upstream confirmed as false-positive in https://github.com/kubernetes/kubernetes/issues/129164 and manually double checked too." }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:43.409709796Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:43.530119612Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:43.649927726Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:43.768396494Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:43.888766389Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.009144685Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.128284786Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.246582143Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.364863311Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.485799729Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.18.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.60503999Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.72407025Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.842578968Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:44.961766569Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.079674655Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.15.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.200793524Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.31865452Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.440723122Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.562257243Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.68033239Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.797301111Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:45.915233167Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.035010891Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.157979307Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221010152910-d6f0a8c073c2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.278627914Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.396916721Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.519164045Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.638956302Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.758335522Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221010152910-d6f0a8c073c2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:46.879719241Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.001002989Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.121378244Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.12.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.24212604Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.364161981Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.483698742Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.60257975Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.723521667Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.842142704Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:47.961416614Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.083807987Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.203022586Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex@v2.37.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.324082224Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220829220503-c86fa9a7ed90" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.444690729Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.566083708Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.68823027Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.810272321Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.21.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220829220503-c86fa9a7ed90" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:48.929658242Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.049244203Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.174222246Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.292776473Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.41124425Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.527875588Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.648098162Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.76919822Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:49.888341239Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.007692659Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.127402531Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.247768265Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.366022211Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.24", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.485487631Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.28", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.605662665Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.33", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.726519832Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.34", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.848087381Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.35", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:50.966514547Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220525230936-793ad666bf5e" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.087158003Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220525230936-793ad666bf5e" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.209434865Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.328864046Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.446327078Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.568396749Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.6.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.691174154Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.812546463Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:51.932421475Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.053647503Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.17712096Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.29861758Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.419646087Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.539867171Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.661026148Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.781384023Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:52.901471526Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.020418994Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.13865055Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.260018378Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.378678276Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.499409082Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.620158248Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.740477142Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.861623409Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:53.983241529Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.102947781Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.223757187Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.344194632Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.471918797Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.59204773Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.713209218Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.834686457Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:54.955124882Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.075561727Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.192896548Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.310742842Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.430531434Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.549751244Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.669088944Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.787136139Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:55.907561803Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.026899183Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.143466972Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.263575215Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.384901994Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.504410474Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.62269201Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.748364417Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.868123849Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.4.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:56.989608158Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.109644841Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-dev.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.231459211Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.35048575Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.472487521Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.593108917Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.715886921Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.839256258Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:57.959560572Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.079592785Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.199512128Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.320886986Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.440365077Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.563361933Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.685772636Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.804823064Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:58.922394957Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.043038103Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.163185126Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.281982794Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.403711654Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.527248472Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.646457072Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.766607675Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:25:59.887259681Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.006175019Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.1282231Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.24975447Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.370346325Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.491095351Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.614041606Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.734947873Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.856892414Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:00.975750072Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.52.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.095956356Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.56.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.217724216Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.57.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.341487215Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.60.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.461714228Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.63.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.582292794Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v2.0.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.702962999Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v2.0.0-rc0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.826055415Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:01.945404285Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.067751748Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.188341223Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.3116353Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.436662624Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.13+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.55735926Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.13-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.679339981Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.14+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.800691974Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.14-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:02.920978519Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.10+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.038957554Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.10-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.158826397Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.277439265Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.40011845Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.9+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.521999202Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.9-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.645259749Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.768762697Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:03.89356482Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.5+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.017616451Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.5-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.140410296Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.6+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.262218667Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.6-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.381616558Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.503188938Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.623223002Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.746840551Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.867822518Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:04.993671766Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator@v1.3.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.115418227Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220214200702-86341886e292" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.236291284Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.360779906Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.481759524Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.603628525Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali@v1.89.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.727205484Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.849737958Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:05.96933719Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.093439761Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.8.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.216270246Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.8.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.337161633Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.458632043Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.57940899Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.702695247Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.824244567Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:06.94659175Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio/docs/debugging/inspect", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.067383017Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.191087596Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.312585726Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.434131056Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.557937146Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.684807458Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.809060789Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:07.933510731Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.056482397Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.179110561Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.300237409Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.428161726Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.552624138Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.680150322Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.806836034Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:08.931144675Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.05388572Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.177173017Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.302878274Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.425243758Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.547505761Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.67124351Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.795573511Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:09.921449629Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.045912221Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.171076486Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.297398056Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.423208133Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.547122153Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.671038173Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.79427054Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:10.922756228Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.046399117Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.171513922Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.300417282Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.425569487Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.551122254Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.677196342Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.801820775Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:11.927709593Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.054319554Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.181372566Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.306458751Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.432410789Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.557380693Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.683332752Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.811592569Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220722155217-630584e8d5aa" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:12.937037845Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.061602498Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.184774504Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.309696688Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.437419294Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.562375038Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.684964322Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.80828357Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:13.935928175Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.06613045Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.191156835Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.314245141Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.439887468Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.56679653Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.691948155Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.819794381Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:14.946276421Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.071903538Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.198946731Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.32273314Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.448879719Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.576008062Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.702721843Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.827045875Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:15.953243094Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.079367843Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.205466582Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.330131845Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.456458284Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.584363441Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.712188596Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.839179769Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:16.964870416Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.092727702Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.1-0.20221117191849-2c476679df9a" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.222947358Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.348376524Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.475681127Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.601111663Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.728052606Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.853745253Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:17.979958372Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.104669885Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.230039541Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.355052525Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.481477575Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20221005025214-4161e89ecf1b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.610436956Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.734207395Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.862050951Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:18.989949047Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:19.115833634Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:19.244379211Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:19.370191787Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:19.499727508Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.26.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:19.628078784Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:19.754553343Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:19.879009473Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.007090048Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.28.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.13210047Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.28.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.257087233Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.379775206Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.506214274Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.63215284Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.757650985Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:20.882845998Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.007248518Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.130615964Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.27.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.255774307Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.384296744Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.509239016Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.633252525Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.76151016Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:21.887872978Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.014262047Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.140346453Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.267993927Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.393886023Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.520641252Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.647798714Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.50.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.774556863Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.53.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:22.904803697Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.55.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.034281328Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.161186439Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.288906902Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.50.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.417226718Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.53.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.546021566Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.55.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.670903668Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.800120418Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:23.928043072Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.058240656Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.185322177Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.314193495Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.441267236Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.567885655Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.692986428Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.816270514Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:24.938076133Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.061136067Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.190036456Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.315595711Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.443831116Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.571010148Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.697075985Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.824174296Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:25.952728803Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.076234079Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob@v0.9.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.201496033Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.32765633Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.452585252Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.579175661Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.28.13-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.706902065Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241012053846-6cbbd2736730-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.832360149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241016053521-9510ac25fefb-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:26.957752893Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.3-build20240515", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.085225415Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.8-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.211619174Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.338798375Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250613", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.465078633Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.4-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.5962335Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241012053748-29fd916cc958-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.722751149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241016053533-5ec454f50e7a-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.850831484Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.0-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:27.980988498Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241012053821-d74ad4253a54-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:28.10601114Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241016053446-0955fa330f90-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:28.232929131Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.9-rc1.0.20250516171836-812206503b28-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:28.361074956Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc2.0.20241220224140-68fbd1a6b543-build20241231", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:28.490587307Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc3.0.20241220224140-68fbd1a6b543-build20250101", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:28.617497707Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.5-rc1.0.20250516182639-8e8f2a4726fd-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:28.744600188Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.0-rc1.0.20250430074337-dc03cb4b3faa-build20250430", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:28.874762482Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.1-0.20250516163953-99d91538b132-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.003805601Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.132291778Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.255571153Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.383211406Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.510045786Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.636739746Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.765929765Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:29.89137261Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.016892664Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.28", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.14509472Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.272328781Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.395492066Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.523713632Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.652707731Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.780689285Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:30.910697508Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.041631935Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.174256859Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.306508091Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.434690687Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.563489185Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.69642566Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.828713502Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:31.954871909Z", "products": [ { "@id": "pkg:golang/github.com/rancher/remotedialer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.078963838Z", "products": [ { "@id": "pkg:golang/github.com/rancher/remotedialer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.206894922Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.334206604Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools@v0.1.111", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.459475078Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools@v0.1.112", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.586168577Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools@v0.1.113", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.716340421Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.844252595Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:32.972492001Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:33.101133608Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:33.229145373Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:33.356564976Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:33.487806304Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:33.615484717Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15-rc4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:33.745758891Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:33.874073627Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.002466053Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.130581079Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.260341321Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.389112818Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.518604659Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.647583658Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.775346242Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:34.905677666Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.033762051Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.16281085Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.289401606Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.417676355Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.548130363Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.680051378Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.808781729Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:35.940387892Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.069148463Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.197956364Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.328700704Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.461413071Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.593786378Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.726284104Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.853589049Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:36.981030585Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:37.106880474Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:37.237830604Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:37.36548987Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:37.494836404Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:37.622126449Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.10-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:37.750502578Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:37.877833313Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.11-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.00569596Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.129151669Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.12-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.254828947Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.13-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.381796121Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.13-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.509146996Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.634508263Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.762641291Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:38.889473524Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.01690006Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.142758258Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.268572407Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.394671747Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.524617373Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.14.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.654425118Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.15.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.781501412Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:39.908836898Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry@v0.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.036187473Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.164649902Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.293437974Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.422399706Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.54958136Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.6.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.676765904Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.803651938Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:40.930486031Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.34.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.05656313Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.37.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.184232827Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.312976178Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.439175608Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.565871581Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.691565869Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.816193892Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:41.944833523Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.070636032Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.196808312Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.325938425Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.45107091Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.582140861Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.709683727Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.837666125Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:42.965474742Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.091862083Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.219817981Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.348313091Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.475349245Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.603206292Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.730750768Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.861172456Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:43.989657216Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:44.117935925Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:44.248628504Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:44.374835434Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:44.501680787Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:44.625137266Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:44.754675851Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:44.884295665Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.012731795Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.141136995Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.269944266Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.397224001Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.526594164Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.654314151Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.783915186Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:45.914819176Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.042765273Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.17052458Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.298699139Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.426366535Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.555122896Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.687117951Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.816491825Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:46.945491117Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.071827718Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.202185375Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.329951512Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.459921678Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.588095117Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.715612853Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.843325669Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:47.970207223Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.095132947Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.223183196Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.350066229Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.477650935Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.608320414Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.735137517Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.863963638Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220411220226-7b82a4e95df4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:48.993660783Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:49.122178543Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:49.250722833Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:49.377830367Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:49.50687927Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.13.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:49.633365861Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:49.761378729Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:49.88766727Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.017503165Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.143912606Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.16.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.271016591Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.398548406Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.52775334Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.657330254Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.784427008Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:50.911720153Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.03956422Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.168741333Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.297075972Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.423546124Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.552779044Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.681859523Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.81294974Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:51.94480988Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.075260575Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.205161627Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.333938144Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.463282324Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.592287662Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.720647868Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.849831257Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:52.978878996Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:53.106499048Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:53.233743719Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:53.36097721Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:53.489053075Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:53.620904785Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:53.751200999Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:53.879381224Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.009328956Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.140308133Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.268210646Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.39619917Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.527108247Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.654316078Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.782490133Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:54.9088252Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.04073042Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.171091994Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.298827597Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.42646384Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.554845486Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.680915852Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.809055747Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:55.941057458Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.069323353Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.198896414Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.328077633Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.457810954Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.586609902Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.716582064Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.845790233Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:56.976705329Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:57.1062002Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:57.241412444Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:57.371353136Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:57.501473449Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:57.630870079Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:57.759762247Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:57.891629238Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.021805131Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.149110702Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.281081703Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.409575149Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.540815637Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.670559568Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.802381828Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:58.931846869Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.062422824Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.191403172Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.322179708Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.451328017Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.583761989Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.71579961Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.845302771Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:26:59.975759305Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:00.1037979Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:00.235148278Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:00.369547119Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:00.500302254Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:00.632061884Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:00.764048825Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:00.896179156Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.02649947Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.15812165Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.287512479Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.418771397Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.54883053Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.677972799Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.808676694Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:01.938044714Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.067922246Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.197979459Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.329287467Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.460382004Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.590292446Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.721032072Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.850138511Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:02.977340291Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:03.112742117Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:03.242800669Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:03.373233364Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:03.499002289Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:03.631587762Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:03.76052561Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:03.891698867Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.022604474Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.155336868Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.28299339Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.414321518Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.545907217Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.675052157Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.805515991Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:04.935250012Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.062586664Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.194722735Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.32291878Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.451245626Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.581152728Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.710277237Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.840015848Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:05.969102547Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:06.099415561Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:06.228185958Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:06.362099797Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:06.491995639Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:06.620874357Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:06.750676739Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:06.88275733Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.011611808Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.142398023Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.2734937Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.405485281Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.535516014Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.664213191Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.796551793Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:07.92608088Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.055208875Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.184372601Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.315701755Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.448038014Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.578256654Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.713307694Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.844712128Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:08.974716407Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:09.104080944Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:09.235175947Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:09.362806306Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:09.494863914Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:09.627485814Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:09.758884448Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:09.890677215Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.023484545Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.155146981Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.284242456Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.412786839Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.541132981Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.672953618Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.802172484Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:10.934781293Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.065493335Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.196238857Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.329225799Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.457584851Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.588186592Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.718585433Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.847679038Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:11.977815888Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:12.109608424Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:12.242641486Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:12.373782489Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:12.504923193Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:12.635066222Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:12.766467037Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:12.898054563Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.03006424Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.161495905Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.291388183Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.422374207Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.549601654Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.682485175Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.814575253Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:13.945085914Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.078312376Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.207399711Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.33741352Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.468027772Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.601232064Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.733256651Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.862346126Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:14.992766407Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:15.12623384Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:15.254544242Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:15.385142334Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:15.516481868Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:15.64713183Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:15.780950065Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:15.914135077Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.045567592Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.179725348Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.311807116Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.443405611Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.574437074Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.705318357Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.835444927Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:16.96426183Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:17.096489059Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:17.230115323Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:17.36202764Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:17.492797732Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:17.622396829Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:17.753963695Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:17.884564776Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.014983827Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.150185247Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.281439841Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.41380715Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.545329395Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.675747546Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.808026265Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:18.938643106Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.071966979Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.206051845Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.338498444Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.469753868Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.602116707Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.735134778Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.866199601Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:19.999639415Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:20.134890795Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:20.269312733Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:20.40137504Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:20.535857678Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:20.666904361Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:20.797994025Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:20.929334889Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.060281022Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.193276813Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.326479796Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.46016331Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.589364375Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.721234922Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.854905856Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:21.987768727Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:22.120795989Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:22.252085183Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:22.38640771Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:22.517724104Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:22.648767297Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:22.782891613Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:22.913579895Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.044311247Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.174140696Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.305093369Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.435837581Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.565792519Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.69863375Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.830666017Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:23.962253853Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:24.091410018Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:24.221983659Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:24.357912631Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:24.490755481Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:24.621798114Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:24.753124497Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:24.882319772Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.013956657Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.14742875Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.276841276Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.409305624Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.540669598Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.67164331Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.801485557Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:25.933904376Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:26.068953445Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:26.200300438Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:26.334713955Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:26.468410178Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:26.602740674Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:26.739866892Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:26.871571847Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.004729769Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.138901624Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.272877659Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.408204149Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.54378442Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.678105966Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.811242167Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:27.945212842Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:28.080212171Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:28.214815548Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:28.34824532Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:28.483591901Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:28.620653118Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:28.755209125Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:28.888176576Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.024836391Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.15973327Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.294111516Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.42797353Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.561370692Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.696661703Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.833028577Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:29.967463214Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:30.105110143Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:30.239331849Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:30.374076127Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:30.5077738Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:30.646642575Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:30.784081004Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:30.917994529Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.052621156Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.188093817Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.322206502Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.456726949Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.590260912Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.723324512Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.855866551Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:31.990559669Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:32.122916107Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:32.258746579Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:32.39422228Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:32.529852191Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:32.665671114Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:32.803212193Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:32.939851399Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:33.074759477Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:33.210311968Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:33.346165091Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:33.481791962Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:33.616276659Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:33.751206237Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:33.886578218Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.02242707Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.160484072Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.295643111Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.431745165Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.567022985Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.699179822Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.833560248Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:34.964102708Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:35.096144905Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:35.229780368Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:35.363799643Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:35.497561807Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:35.632216464Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:35.765043664Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:35.897466292Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.031128856Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.163326963Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.298215411Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.432721178Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.566606612Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.702424085Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.838029116Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:36.971451618Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:37.105621364Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:37.241135645Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:37.375675302Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:37.509827617Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:37.642641867Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:37.77626931Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:37.912377574Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.047751834Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.182232191Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.316635077Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.450359091Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.58538416Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.719637085Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.854346343Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:38.993157118Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:39.127318003Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:39.260388404Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:39.397792683Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:39.535618223Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:39.671715297Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:39.803832734Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:39.939160364Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:40.073345019Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:40.207687856Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:40.340718425Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:40.476087639Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:40.611600063Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:40.747651789Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:40.881009014Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.0169244Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.152971257Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.288572451Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.426601795Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.558926277Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.692228322Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.830360536Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:41.965847501Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:42.103421193Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:42.238653136Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:42.372209692Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:42.507302715Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:42.64318736Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:42.781088254Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:42.919628731Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:43.053655999Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:43.189745505Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:43.325934832Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:43.461942928Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:43.5968602Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:43.731957693Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:43.866961975Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.004495337Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.141049085Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.279278981Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.415583378Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.550022768Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.685457722Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.819430869Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:44.954890403Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:45.089975106Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:45.227150117Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:45.363665345Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:45.497888694Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:45.631818162Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:45.766350202Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:45.900759091Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.035417492Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.168139875Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.30396619Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.0.0-20220315160706-3147a52a75dd" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.435492378Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.567079746Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.700708132Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.835403813Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:46.970147304Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:47.10614147Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:47.24056925Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:47.374363407Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:47.509965082Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:47.644584992Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:47.780121166Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:47.917257327Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.051406886Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.186364568Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.322135333Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.458513251Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.594886718Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.729503989Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.864049689Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:48.999729384Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:49.137082135Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:49.274973779Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:49.410449043Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:49.550607276Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:49.69087496Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:49.824816088Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:49.958897736Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:50.097809814Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:50.234131191Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:50.370315078Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:50.509519057Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:50.646568228Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:50.782689895Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:50.918393539Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:51.056385544Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:51.194493658Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:51.328886298Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:51.462923426Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:51.600576139Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:51.737261398Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:51.87217893Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.007862544Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.141988473Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.275433809Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.41030097Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.548016123Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.683438147Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server@v0.7.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.816577452Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:52.951138282Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:53.085914243Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:53.218934757Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:53.351136597Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:53.486943043Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.15.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:53.620462959Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.15.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45337", "aliases": [ "GHSA-v778-237x-gjrc", "GO-2024-3321" ] }, "timestamp": "2025-07-16T13:27:53.7551761Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/prometheus-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/crypto@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338" }, "timestamp": "2025-07-16T13:27:53.887464421Z", "products": [ { "@id": "pkg:golang/github.com/opencontainers/runc", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Our runc dependency at tag v1.1.14, and others, version golang.org/x/net and only depend on the bpf submodule, not html - which is the source of this CVE - https://github.com/opencontainers/runc/tree/v1.1.14/vendor/golang.org/x/net." }, { "vulnerability": { "name": "CVE-2024-45338" }, "timestamp": "2025-07-16T13:27:54.027624664Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Confirmed by manually executing govulncheck against the modsync version as executed in https://github.com/rancher/image-build-rke2-cloud-provider/actions/runs/12565669634/job/35030204785" }, { "vulnerability": { "name": "CVE-2024-45338" }, "timestamp": "2025-07-16T13:27:54.162963487Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Confirmed by manually executing govulncheck against the modsync version as executed in https://github.com/rancher/image-build-rke2-cloud-provider/actions/runs/12565669634/job/35030204785" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:54.296034471Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:54.431635936Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:54.56485153Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:54.701051877Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:54.835580618Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:54.970811161Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:55.103483303Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:55.23722762Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:55.372109182Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:55.507332605Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.18.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:55.642555077Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:55.777010807Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:55.91227939Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.049314501Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.186407131Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.318914543Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.15.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.45255689Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.588110192Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.724699755Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.858163925Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:56.993575582Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:57.127740295Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:57.263064263Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:57.400560549Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:57.538201926Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:57.673522714Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/api@v2.0.4-k3s3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:57.808841222Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/api@v2.0.4-k3s4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:57.94434964Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/integration/client", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:58.079941178Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/integration/client", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:58.215825948Z", "products": [ { "@id": "pkg:golang/github.com/containernetworking/plugins", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:58.352921202Z", "products": [ { "@id": "pkg:golang/github.com/containernetworking/plugins", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:58.486011991Z", "products": [ { "@id": "pkg:golang/github.com/containernetworking/plugins@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:58.620490524Z", "products": [ { "@id": "pkg:golang/github.com/containernetworking/plugins@v1.6.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:58.754427007Z", "products": [ { "@id": "pkg:golang/github.com/containernetworking/plugins@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:58.890728938Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.030809704Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.167206106Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.302984155Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.437904981Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.575465358Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.711699239Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.847338727Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:27:59.9864372Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:00.119505769Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.12.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:00.255608549Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20220722155237-a158d28d115b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:00.38932155Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:00.522477589Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:00.658438689Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:00.792523911Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:00.926819085Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:01.063238186Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:01.201469926Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:01.334941456Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex@v2.37.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:01.468733387Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:01.606262483Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:01.739192461Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:01.876511556Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.011879324Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.21.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.151000337Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.289752148Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.424784594Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.561354157Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.698356221Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.835461276Z", "products": [ { "@id": "pkg:golang/github.com/flavio/kuberlr", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:02.97008713Z", "products": [ { "@id": "pkg:golang/github.com/flavio/kuberlr@v0.5.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:03.106308151Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:03.237827003Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:03.373464032Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:03.507687745Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:03.64234229Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:03.777833388Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:03.916976731Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:04.056954997Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:04.194906775Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.24", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:04.332942253Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.28", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:04.469066894Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.33", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:04.606308479Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.34", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:04.7423494Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.35", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:04.877415686Z", "products": [ { "@id": "pkg:golang/github.com/grpc-ecosystem/grpc-health-probe@v0.4.36", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.013311676Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.148428362Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.283747Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.419098537Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.55559059Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.691471649Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.6.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.829089746Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:05.963469159Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:06.100477564Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:06.237717169Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:06.377014972Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:06.518519035Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:06.657425707Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:06.793681218Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:06.931969787Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:07.07112545Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:07.20945531Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:07.344630427Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:07.482983486Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:07.619062227Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:07.756398902Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:07.892686394Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.031014453Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.167954297Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.30461855Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.440345299Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.578817909Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.717884152Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.855259338Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:08.99418623Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:09.132267938Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:09.271630612Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:09.41199474Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:09.550892512Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:09.689112441Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:09.825652123Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:09.962471096Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:10.101114867Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:10.239275156Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:10.37609196Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:10.513792177Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:10.649741897Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:10.789506112Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:10.925361582Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:11.062098985Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:11.20180017Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:11.336841556Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:11.474962745Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:11.612791353Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:11.748945943Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:11.885882397Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.022889682Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.161472862Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.299244189Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.438659853Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.579431583Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.718035044Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.85803642Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.4.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:12.996317439Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:13.134792099Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-dev.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:13.271724923Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:13.40925222Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:13.545546891Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:13.684030801Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:13.822442061Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:13.960772761Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:14.103157997Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:14.243626185Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:14.383746582Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:14.51919306Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:14.655910433Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:14.795130856Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:14.930351503Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:15.068879553Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:15.208157357Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:15.345469912Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:15.487860788Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:15.627562323Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:15.76508927Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v0.3.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:15.906468062Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:16.044029658Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:16.182493398Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:16.319903974Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:16.456533067Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:16.595180108Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:16.733295526Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:16.87003732Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.007243175Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.146651079Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.28545012Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.422612585Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.561083795Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.700180728Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.838268706Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:17.9776722Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:18.113876791Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:18.251573198Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:18.388299171Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:18.526289679Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:18.666076925Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:18.802231006Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.52.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:18.938448627Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.56.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:19.077019047Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.57.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:19.217468165Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.60.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:19.352833553Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v1.63.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:19.491449664Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v2.0.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:19.630098615Z", "products": [ { "@id": "pkg:golang/github.com/jaegertracing/jaeger@v2.0.0-rc0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:19.768578665Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/helm-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:19.904720526Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/helm-controller@v0.15.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:20.043326586Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:20.180799492Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:20.316467631Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:20.453073314Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:20.590739561Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:20.729500402Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.13+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:20.867021258Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.13-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.004221403Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.14+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.142456843Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.14-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.279976319Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.10+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.420701578Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.10-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.557579552Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.6980143Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.839089041Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.9+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:21.975467982Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.9-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:22.113693111Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:22.254394361Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:22.394758938Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.5+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:22.534048692Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.5-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:22.671783139Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.6+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:22.811444714Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.6-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:22.949441302Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:23.087849552Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:23.224332864Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:23.362232992Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-cni", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:23.499414017Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-cni", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:23.637397895Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-cni@v2.8.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:23.776001316Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:23.912002836Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:24.054409222Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin@v3.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:24.19226279Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin@v3.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:24.329445715Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:24.468494347Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:24.607069768Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator@v1.3.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:24.747784077Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/whereabouts", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:24.886580059Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/whereabouts@v0.8.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.023491102Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.162984997Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.301130486Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.437406817Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.571444319Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali@v1.89.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.708499553Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.845486148Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:25.98441124Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:26.122596179Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:26.261073179Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:26.401153645Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:26.537772338Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.8.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:26.67662171Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.8.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:26.816243915Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:26.950747829Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:27.085337743Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:27.224253185Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:27.361295499Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:27.499733229Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-resizer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:27.637657158Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-resizer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:27.776104777Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/client/v8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:27.912022447Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/client/v8@v8.3.0-20250709", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:28.048498029Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:28.185753091Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:28.322834617Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:28.461367638Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:28.600807303Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:28.740956952Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:28.88106468Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/livenessprobe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.019696191Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/livenessprobe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.161478356Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/livenessprobe", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.298577352Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/node-driver-registrar", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.436444071Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/node-driver-registrar", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.575317694Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/node-driver-registrar", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.712970782Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/node-driver-registrar", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.848881342Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:29.985335895Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:30.127232491Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:30.267088177Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.8.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:30.40833918Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:30.54884423Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.9.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:30.689173509Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:30.828800075Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:30.963975642Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:31.105417746Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:31.247790413Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:31.389019166Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:31.53310568Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:31.673948371Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.30.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:31.814016489Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:31.955144501Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:32.097099487Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:32.238574521Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/backing-image-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:32.380955948Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:32.52201025Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-engine@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:32.663096142Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:32.810014018Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:32.949837615Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:33.09396228Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:33.233116194Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:33.372388968Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:33.512440626Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210726213435-c6fcb2dbf985" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:33.652991596Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:33.794111728Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:33.934373707Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:34.076110511Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:34.217129303Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4@v4.43.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:34.357842804Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4@v4.44.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:34.498221413Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4@v4.44.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:34.637485917Z", "products": [ { "@id": "pkg:golang/github.com/mikefarah/yq/v4@v4.44.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:34.77881372Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:34.913769407Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:35.055928823Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:35.196731344Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3@v3.13.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:35.337253294Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:35.478868418Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bellsoft-liberica/v9@v10.2.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:35.621767008Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:35.764501497Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundle-install@v0.7.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:35.904004072Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:36.046312679Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/bundler@v0.7.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:36.185925525Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:36.326475395Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/composer@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:36.468034729Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:36.608109537Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/conda-env-update@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:36.750028702Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:36.888486523Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/cpython@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:37.030863251Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:37.171837152Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:37.31675266Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime/dependency/retrieval@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:37.460152862Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-aspnet-runtime@v0.3.19", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:37.601931077Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:37.741259791Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:37.885243116Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk/dependency/retrieval@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:38.028710347Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-core-sdk@v0.13.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:38.1700211Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:38.313445032Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-execute@v0.14.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:38.45603745Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:38.599240181Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/dotnet-publish@v0.12.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:38.741280707Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:38.885251111Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/git@v1.0.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:39.027839069Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:39.172001684Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-build@v2.0.22", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:39.31419652Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:39.457640272Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:39.599910999Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist/dependency/retrieval@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:39.740310248Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-dist@v2.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:39.88134117Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:40.022125581Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/go-mod-vendor@v1.0.21", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:40.163004302Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:40.304051594Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:40.445605798Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd/retrieval@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:40.591035628Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/httpd@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:40.730024741Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:40.871948367Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:41.014069963Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu/dependency/retrieval@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:41.157171093Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/icu@v0.6.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:41.297894944Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:41.439250927Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/liberty@v3.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:41.579601186Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:41.718903001Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/miniconda@v0.8.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:41.855794946Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.000224362Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.143332392Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri/dependency/retrieval@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.285124567Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/mri@v0.14.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.427030162Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.567551802Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.709150586Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx/retrieval@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.850867251Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/nginx@v0.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:42.994014321Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:43.132460252Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:43.273957916Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine/retrieval@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:43.415997702Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-engine@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:43.558118058Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:43.700982758Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-run-script@v1.0.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:43.841702638Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:43.98502828Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/node-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:44.130142128Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:44.271594762Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-install@v1.1.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:44.413207216Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:44.554966731Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/npm-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:44.695729061Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:44.838981812Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/passenger@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:44.979979104Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:45.125559965Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-builtin-server@v0.4.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:45.268655951Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:45.411643126Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:45.556614529Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist/retrieval@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:45.697745236Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-dist@v2.1.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:45.84055295Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:45.983635846Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-fpm@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:46.12891298Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:46.274223204Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-httpd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:46.41503309Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:46.560352845Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-memcached-session-handler@v0.2.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:46.702253055Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:46.848639624Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-nginx@v0.3.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:46.993271065Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:47.14103848Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-redis-session-handler@v0.2.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:47.285029869Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:47.427479251Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/php-start@v0.4.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:47.571015038Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:47.714740286Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:47.860165131Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip-install@v0.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:48.005711926Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pip@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:48.150701159Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:48.295357311Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:48.440910086Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv-install@v0.6.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:48.585145676Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:48.730430011Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:48.872960223Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v0.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:49.019341782Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:49.163504442Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv/retrieval@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:49.311242476Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/pipenv@v1.18.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:49.454643553Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:49.601128292Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:49.746168065Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-install@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:49.889492391Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:50.032532546Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry-run@v0.4.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:50.180975934Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:50.325571065Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:50.471739933Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:50.619229106Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.10.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:50.759953352Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.17.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:50.905310066Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry/retrieval@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:51.049166765Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/poetry@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:51.193996997Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:51.336192889Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/puma@v0.4.31", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:51.480219278Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:51.624601528Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/python-start@v0.14.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:51.770114344Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:51.915143987Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rackup@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:52.060546192Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:52.208215925Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rails-assets@v0.9.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:52.350877599Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:52.494296196Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/rake@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:52.642804933Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:52.789585383Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/thin@v0.5.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:52.935276339Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:53.0821039Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/unicorn@v0.4.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:53.227209173Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:53.369269934Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:53.516202995Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg/dependency/retrieval@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:53.658731478Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/vsdbg@v0.2.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:53.804594015Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:53.951818187Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:54.095327214Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-install@v1.1.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:54.243922872Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:54.385858522Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn-start@v1.0.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:54.526899339Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:54.670588597Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn/retrieval@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20221004154528-8021a29435af" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:54.816605044Z", "products": [ { "@id": "pkg:golang/github.com/paketo-buildpacks/yarn@v1.1.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:54.95979075Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:55.106935032Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.28.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:55.253429951Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.28.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:55.397632731Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:55.540355295Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:55.686646203Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:55.831214444Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:55.97678495Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:56.120493518Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:56.267957211Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:56.409368799Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:56.553478449Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.26.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:56.697383997Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:56.845416863Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:56.990994328Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:57.134828676Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.28.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:57.279243357Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.28.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:57.428241417Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:57.568311389Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:57.713784474Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:57.858479086Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:58.0037103Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:58.148798524Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:58.293723847Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:58.438567539Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.27.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:58.583726903Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:58.729136387Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:58.87652965Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:59.022638278Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:59.165174591Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:59.312170852Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:59.454606005Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:59.601721296Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:59.748288776Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:28:59.891200701Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:00.036353354Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:00.181282607Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.50.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:00.327967727Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.53.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:00.471004252Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.55.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:00.615879045Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:00.762722385Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:00.909579946Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.50.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:01.055563623Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.53.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:01.20394849Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.55.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:01.346912609Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:01.494846825Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:01.640752883Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:01.789162561Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:01.935653342Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:02.083833019Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:02.229240366Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:02.373049376Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:02.517956891Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:02.658561219Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:02.803749815Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:02.947315044Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:03.085740314Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:03.229784405Z", "products": [ { "@id": "pkg:golang/github.com/rancher/confd@v0.16.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:03.375308902Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:03.517495447Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:03.660083033Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:03.803618792Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:03.949896362Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:04.090826371Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v4.0.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:04.237220492Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v5.0.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:04.382966059Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:04.529626871Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:04.673976953Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:04.817026101Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/e2e/testenv/infra@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:04.963801823Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:05.1093692Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:05.253882823Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:05.39686641Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/pkg/apis@v0.11.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:05.542157506Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/pkg/apis@v0.11.2-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:05.685756496Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/pkg/apis@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.31.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:05.831230203Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet/pkg/apis@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:05.98211493Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:06.125101058Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:06.271752849Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:06.416215862Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:06.563619966Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:06.710353678Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob/pkg/apis@v0.9.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:06.852686782Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob@v0.9.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:07.001367462Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:07.149126267Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:07.293879341Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:07.43456961Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:07.584526044Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:07.730378102Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.28.13-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:07.877067093Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241012053846-6cbbd2736730-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:08.026181804Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241016053521-9510ac25fefb-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:08.172212783Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.3-build20240515", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:08.318744264Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.8-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:08.465404225Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:08.611133913Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250613", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:08.758678998Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.4-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:08.907307697Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241012053748-29fd916cc958-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:09.053472956Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241016053533-5ec454f50e7a-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:09.200041047Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.0-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:09.348641596Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241012053821-d74ad4253a54-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:09.496727683Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241016053446-0955fa330f90-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:09.640721474Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.9-rc1.0.20250516171836-812206503b28-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:09.786193631Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc2.0.20241220224140-68fbd1a6b543-build20241231", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:09.933990927Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc3.0.20241220224140-68fbd1a6b543-build20250101", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:10.080111376Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.5-rc1.0.20250516182639-8e8f2a4726fd-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:10.227051548Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.0-rc1.0.20250430074337-dc03cb4b3faa-build20250430", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:10.374043261Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.1-0.20250516163953-99d91538b132-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:10.521187214Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:10.66651205Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:10.813276422Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:10.961321389Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:11.109337625Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:11.254421611Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:11.401740374Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:11.547688813Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:11.694724846Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.28", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:11.843250464Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:11.990673909Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:12.143871365Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:12.29152342Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:12.446185112Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:12.590146193Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:12.737021685Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:12.883055504Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:13.030972201Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:13.178127444Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:13.328217028Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:13.477283959Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:13.6213932Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:13.764036796Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:13.910410727Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:14.056444816Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:14.206209119Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:14.355014148Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:14.501405879Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/client@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:14.651856345Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:14.801925099Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:14.952886977Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:15.097823112Z", "products": [ { "@id": "pkg:golang/github.com/rancher/remotedialer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:15.244693934Z", "products": [ { "@id": "pkg:golang/github.com/rancher/remotedialer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:15.390370661Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:15.537689585Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools@v0.1.111", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:15.684170736Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools@v0.1.112", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:15.832421743Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke-tools@v0.1.113", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:15.98052647Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:16.128962778Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:16.275942251Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:16.427650192Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16+rke2r2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:16.571852284Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.27.16-rc1+rke2r2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:16.721400426Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:16.870714588Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.28.15-rc4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:17.019811818Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:17.169780922Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.29.15-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:17.320572349Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:17.471860321Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.12-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:17.620652745Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:17.768329931Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:17.91906061Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.13-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:18.065592119Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:18.214520603Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:18.363811755Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.30.14-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:18.515063403Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:18.664656724Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:18.813383428Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.10-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:18.964946755Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:19.118056738Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.8-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:19.266415922Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:19.415755975Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:19.566521254Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.31.9-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:19.717950931Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:19.86848679Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.4-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:20.014015872Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:20.163268164Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:20.312170427Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.5-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:20.461783208Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:20.610937384Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc1+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:20.758059442Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rke2@v1.32.6-rc2+rke2r1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:20.904365867Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:21.051351744Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:21.1955663Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:21.341639064Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:21.488967582Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.10-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:21.633895792Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:21.781615602Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.11-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:21.925486307Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:22.074930884Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.12-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:22.219689232Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.13-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:22.367991135Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.13-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:22.517691503Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:22.665514333Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-agent@v0.3.6-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:22.81492188Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:22.969234467Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:23.115631722Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:23.264899498Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:23.415681881Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:23.561974715Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:23.71076354Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:23.859452394Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:24.008978801Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:24.154006721Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:24.299744713Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis@v0.14.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:24.447714554Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller/pkg/apis@v0.15.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:24.597437302Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:24.747492452Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.13.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:24.898247904Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.14.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:25.044743449Z", "products": [ { "@id": "pkg:golang/github.com/rancher/system-upgrade-controller@v0.15.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:25.193062872Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:25.343440623Z", "products": [ { "@id": "pkg:golang/github.com/rancher/telemetry@v0.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:25.486419784Z", "products": [ { "@id": "pkg:golang/github.com/rancher/ui-plugin-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:25.635297149Z", "products": [ { "@id": "pkg:golang/github.com/rancher/ui-plugin-operator@v0.1.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:25.784396985Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:25.929983266Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:26.079250463Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.4.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:26.22619194Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:26.375388636Z", "products": [ { "@id": "pkg:golang/github.com/rancher/webhook@v0.6.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.32.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:26.520886057Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:26.666495819Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:26.811413118Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.34.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:26.959996002Z", "products": [ { "@id": "pkg:golang/github.com/thanos-io/thanos@v0.37.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:27.108178804Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:27.256065045Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:27.403524674Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:27.551615686Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:27.698194271Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:27.842865119Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:27.989365055Z", "products": [ { "@id": "pkg:golang/github.com/vmware-tanzu/sonobuoy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:28.133544001Z", "products": [ { "@id": "pkg:golang/github.com/vmware-tanzu/sonobuoy@v0.57.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:28.278949012Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:28.424939365Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:28.573364908Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:28.719508032Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:28.867192652Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:29.013600047Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:29.163835957Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:29.310227932Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:29.460219521Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:29.607296649Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/api/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:29.751657176Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:29.897130897Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:30.047196027Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:30.192387737Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:30.339457634Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:30.488070568Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:30.637204834Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:30.786210769Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:30.934860763Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:31.082459593Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/client/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20210405180319-a5a99cb37ef4" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:31.230464264Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:31.37948862Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:31.526363717Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:31.674462188Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:31.820656183Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:31.967049468Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:32.118072641Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:32.26541472Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:32.41328227Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:32.558026559Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:32.703836271Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:32.847836247Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:32.994283152Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:33.138407218Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:33.282312053Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:33.426472949Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:33.571269105Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:33.719641789Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:33.865471534Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:34.013623577Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:34.158258223Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:34.305526549Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:34.449586082Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:34.596875158Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:34.741928348Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:34.888393858Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:35.03507896Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:35.182118244Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:35.327700698Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:35.473183601Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/pkg/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.0.0-20200822124328-c89045814202" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:35.618459752Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:35.763348241Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:35.910233804Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:36.054624399Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:36.202248818Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:36.349310682Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:36.497070151Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:36.643819787Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:36.791414832Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:36.938101044Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/server/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:37.082287136Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:37.232716353Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:37.379959967Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:37.523103145Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:37.671741845Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:37.820019733Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:37.969008655Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:38.119225831Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:38.268895944Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:38.413761329Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/tests/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:38.56262873Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:38.710384066Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:38.858213923Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:39.00632863Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:39.152735371Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:39.300483457Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:39.444387018Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:39.594258103Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:39.748015843Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:39.894982126Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:40.044403369Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:40.191983994Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:40.336005486Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:40.482222486Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:40.628214215Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:40.773274771Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.1.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:40.918069375Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.1.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:41.066824476Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.1.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:41.212948115Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.1.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:41.357395568Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.2.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:41.502941926Z", "products": [ { "@id": "pkg:golang/gopkg.in/k8snetworkplumbingwg/multus-cni.v4@v4.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:41.649414807Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:41.797062403Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:41.947785961Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:42.099288142Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:42.245998364Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.13.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:42.39114172Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:42.541859438Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:42.692699387Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:42.841612197Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.15.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:42.990642899Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.16.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:43.142761642Z", "products": [ { "@id": "pkg:golang/helm.sh/helm/v3@v3.16.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:43.289351304Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:43.435803985Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:43.585677619Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:43.733152135Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:43.883032179Z", "products": [ { "@id": "pkg:golang/istio.io/istio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.29.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:44.03198453Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:44.181174622Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:44.327394622Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:44.474355925Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:44.622000521Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:44.768967514Z", "products": [ { "@id": "pkg:golang/k8s.io/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:44.919592822Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:45.06521265Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:45.213831699Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:45.36013875Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:45.507496705Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:45.654849209Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:45.802771666Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:45.949158217Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:46.09621407Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:46.243326334Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:46.390784649Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:46.53457714Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:46.679295354Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:46.826679599Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:46.974630396Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:47.11929881Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:47.269060694Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:47.416008017Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:47.566051292Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:47.716597499Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:47.864648047Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:48.011151718Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:48.157471219Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:48.304278061Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:48.449918179Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:48.59882176Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:48.746354735Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:48.89378788Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:49.043588914Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:49.196420191Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:49.345719283Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:49.494257253Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:49.643949546Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:49.794670215Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:49.945974299Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:50.094843764Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:50.242878725Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:50.393332896Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:50.542698092Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:50.691318526Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:50.836684147Z", "products": [ { "@id": "pkg:golang/k8s.io/api@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:50.988045061Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:51.135740781Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:51.285278269Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:51.4333637Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:51.583014408Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:51.730053546Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:51.87888402Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:52.028077186Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:52.179273849Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:52.328497206Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:52.481947527Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:52.63279009Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:52.778870664Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:52.929199104Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:53.079100552Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:53.227700306Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:53.378831199Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:53.531011536Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:53.684371288Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:53.83503749Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:53.984980058Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:54.134376305Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:54.28326459Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:54.437634655Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:54.583784349Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:54.731323589Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:54.878355507Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:55.032615872Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:55.183028792Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:55.336015423Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:55.487511447Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:55.640830479Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:55.793249937Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:55.942314492Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:56.094295229Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:56.245553872Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:56.39797169Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:56.549344075Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:56.704012791Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:56.852089483Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:57.001861531Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:57.153664567Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:57.305845554Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:57.454167657Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:57.604396186Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:57.75558077Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:57.911641292Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:58.063208047Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:58.214797082Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:58.364395319Z", "products": [ { "@id": "pkg:golang/k8s.io/apiextensions-apiserver@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:58.511955629Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:58.656730548Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:58.804634549Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:58.95527745Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:59.105991362Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:59.253835243Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:59.402073805Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:59.554312472Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:59.704269331Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:29:59.856349658Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:00.005086052Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:00.156344006Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:00.308944624Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:00.459865327Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:00.608925572Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:00.761568231Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:00.912906765Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:01.064115269Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:01.215246832Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:01.36761725Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:01.518848563Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:01.668064899Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:01.817794397Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:01.963750021Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:02.1164653Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:02.266301688Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:02.416464978Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:02.563628996Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:02.715164551Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:02.865329541Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:03.01294421Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:03.161454844Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:03.309838716Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:03.463260558Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:03.612682485Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:03.761034318Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:03.910779576Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:04.061764028Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:04.215027174Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:04.364873746Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:04.517026537Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:04.668646457Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:04.816751002Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:04.961717975Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:05.112973123Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:05.264810863Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:05.414913337Z", "products": [ { "@id": "pkg:golang/k8s.io/apimachinery@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:05.566188935Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:05.71687048Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:05.867765147Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:06.02032134Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:06.176259546Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:06.326097828Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:06.477780688Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:06.624723089Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:06.776682499Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:06.927211404Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:07.08036993Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:07.232793312Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:07.385255855Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:07.529621046Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:07.680834113Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:07.831575729Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:07.979885965Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:08.130632641Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:08.280335403Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:08.430744258Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:08.58300887Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:08.734140247Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:08.88676091Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:09.040584488Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:09.194960308Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:09.346460027Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:09.498073097Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:09.648879693Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:09.798314553Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:09.950785026Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:10.105425057Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:10.25539967Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:10.407348691Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:10.560205605Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:10.711892474Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:10.860394512Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:11.013768268Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:11.165654508Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:11.317358078Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:11.471335367Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:11.619513342Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:11.771886204Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:11.925465742Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:12.082758533Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:12.239332132Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:12.392012676Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:12.542637481Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:12.693699078Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:12.845548758Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:12.998387483Z", "products": [ { "@id": "pkg:golang/k8s.io/apiserver@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:13.147546232Z", "products": [ { "@id": "pkg:golang/k8s.io/autoscaler/addon-resizer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:13.295153896Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:13.444685097Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:13.595408443Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:13.745264865Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:13.895061757Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:14.047972861Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:14.197295732Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:14.345884679Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:14.491894936Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:14.642850063Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:14.789050231Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:14.938953063Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:15.086734527Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:15.232659484Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:15.38336705Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:15.535502131Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:15.688119675Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:15.833276558Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:15.982301657Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:16.131124746Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:16.282983346Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:16.434676166Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:16.583687255Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:16.735655365Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:16.884884495Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:17.032279348Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:17.184958241Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:17.336999072Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:17.489728006Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:17.641336205Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:17.789962273Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:17.940018636Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:18.090515611Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:18.237239451Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:18.387764516Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:18.540086978Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:18.688697005Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:18.832550844Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:18.982496167Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:19.137409989Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:19.288065554Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:19.441828872Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:19.591922285Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:19.743771076Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:19.894930503Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:20.049824286Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:20.204440427Z", "products": [ { "@id": "pkg:golang/k8s.io/cli-runtime@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:20.352726583Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:20.504078331Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:20.655037528Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:20.805654623Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:20.955242604Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:21.102574347Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:21.256685876Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:21.404128279Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:21.556693692Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:21.709146224Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:21.860274742Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:22.013522618Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:22.165948691Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:22.316740938Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:22.465225375Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:22.615908281Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:22.768957517Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:22.915912018Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:23.067828449Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:23.216148656Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:23.367860806Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:23.519069514Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:23.669968811Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:23.817327214Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:23.969660817Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:24.120163202Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:24.273212188Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:24.425047339Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:24.5745728Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:24.726319721Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:24.87283193Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:25.025522524Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:25.179287783Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:25.329558047Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:25.481445888Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:25.631553422Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:25.783654544Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:25.930626345Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:26.08340014Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:26.23777405Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:26.389220939Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:26.541828923Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:26.693183162Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:26.846424778Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:26.997206855Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:27.148779414Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:27.302996195Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:27.45616925Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:27.610553501Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:27.765205263Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:27.914891475Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:28.068364552Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:28.224655621Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:28.378128868Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:28.53279746Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:28.686594778Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:28.840057546Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:28.990736572Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:29.145172373Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:29.295740378Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:29.448159071Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:29.598304345Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:29.752609036Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:29.906527595Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:30.060810535Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:30.214060601Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:30.367626669Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:30.521391907Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:30.675849758Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:30.827251927Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:30.980844835Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:31.135713438Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:31.292526388Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:31.44467324Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:31.59633432Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:31.749847507Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:31.902699492Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:32.055552257Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:32.207280987Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:32.360531424Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:32.514600203Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:32.667049196Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:32.819146518Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:32.974591463Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:33.132899059Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:33.28735337Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:33.437533354Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:33.593374831Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:33.74487527Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:33.900276955Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:34.052183356Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:34.2098886Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:34.360670417Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:34.519603795Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:34.676044034Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:34.830718666Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:34.984258624Z", "products": [ { "@id": "pkg:golang/k8s.io/cloud-provider@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:35.135420682Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:35.288296137Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:35.442776848Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:35.596350605Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:35.749063159Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:35.902364446Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:36.054893569Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:36.205841987Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:36.359888816Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:36.516516066Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:36.667131911Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:36.820678749Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:36.97499347Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:37.124949723Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:37.277363626Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:37.432500439Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:37.590058683Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:37.745259207Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:37.917007766Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:38.067737569Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:38.221833841Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:38.372022337Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:38.529357472Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:38.679443358Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:38.834336663Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:38.992615712Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:39.140545849Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:39.290119103Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:39.441044852Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:39.593870579Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:39.747480609Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:39.899014061Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:40.051096235Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:40.204848635Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:40.356956729Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:40.50819551Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:40.657906804Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:40.807309577Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:40.957860415Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:41.112405229Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:41.265192285Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:41.417728241Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:41.572250635Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:41.72732351Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:41.884725316Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:42.045725356Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:42.198562003Z", "products": [ { "@id": "pkg:golang/k8s.io/cluster-bootstrap@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:42.350607646Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:42.499161286Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:42.65369679Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:42.807792542Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:42.963836782Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:43.114085048Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:43.261785824Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:43.416088227Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:43.567265227Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:43.724456032Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:43.875027889Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:44.02881319Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:44.186182695Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:44.334048192Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:44.491097736Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:44.639813716Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:44.792131151Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:44.947454378Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:45.102077822Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:45.258524284Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:45.415344517Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:45.566978279Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:45.722596887Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:45.875584234Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:46.032120116Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:46.182810494Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:46.335782002Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:46.487759475Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:46.643410974Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:46.806516192Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:46.977702353Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:47.144684987Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:47.315987238Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:47.475721583Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:47.626501112Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:47.780770614Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:47.938379971Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:48.090844526Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:48.246195793Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:48.401756061Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:48.558951735Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:48.708439409Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:48.860716714Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:49.012905418Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:49.171766079Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:49.33300795Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:49.484888273Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:49.638524713Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:49.793571119Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator/examples@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:49.944153327Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:50.100820899Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:50.250950845Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:50.403161339Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:50.552412932Z", "products": [ { "@id": "pkg:golang/k8s.io/code-generator@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:50.706208443Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:50.862853735Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:51.011933757Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:51.162389304Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:51.31490809Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:51.46361248Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:51.618576995Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:51.769485404Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:51.923465146Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:52.078594232Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:52.232274262Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:52.381178863Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:52.534758113Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:52.691974288Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:52.849098152Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:52.9996074Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:53.153782742Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:53.309876172Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:53.461066672Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:53.618697429Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:53.768687824Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:53.92120085Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:54.071462006Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:54.222602156Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:54.378121761Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:54.530733318Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:54.688711597Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:54.838640193Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:54.991008308Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:55.144231548Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:55.297622298Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:55.451028618Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:55.605653234Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:55.75829506Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:55.908742528Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:56.065459892Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:56.222166737Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:56.376694662Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:56.536010027Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:56.690737892Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:56.844197123Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:56.995790875Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:57.150557941Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:57.311402583Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:57.468039297Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:57.619486779Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:57.776861836Z", "products": [ { "@id": "pkg:golang/k8s.io/component-base@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:57.928111247Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:58.082476691Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:58.232082215Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:58.385116994Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:58.541682397Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:58.694113284Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:58.849573542Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:59.007382391Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:59.157835339Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:59.315808938Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:59.467738952Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:59.62281453Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:59.780721809Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:30:59.93426406Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:00.086063833Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:00.242048354Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:00.395115563Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:00.552197579Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:00.704230363Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:00.858781938Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:01.015875494Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:01.169629526Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:01.320009543Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:01.474303957Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:01.628781942Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:01.780104753Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:01.941504517Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:02.099532877Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:02.250568697Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:02.402945013Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:02.559378566Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:02.714568334Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:02.876052658Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:03.03232198Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:03.182479527Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:03.338169577Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:03.495927985Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:03.646898535Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:03.79914262Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:03.95716526Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:04.11040162Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:04.271923014Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:04.428579418Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:04.580942914Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:04.736434697Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:04.888506881Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:05.047212991Z", "products": [ { "@id": "pkg:golang/k8s.io/component-helpers@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:05.203254361Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:05.361068157Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:05.522768329Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:05.67391528Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:05.828278253Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:05.981868922Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:06.139431138Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:06.298383289Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:06.457445281Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:06.615653289Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:06.767560632Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:06.91809103Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:07.074880392Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:07.229693307Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:07.382613204Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:07.538862875Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:07.699975544Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:07.850457212Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:08.00371434Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:08.158068303Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:08.314315114Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:08.468735517Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:08.628375721Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:08.788755568Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:08.945043168Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:09.10679548Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:09.262149947Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:09.422677505Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:09.574685218Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:09.731794772Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:09.889306917Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:10.04598297Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:10.202749632Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:10.358069869Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:10.512897623Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:10.67334852Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:10.831326167Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:10.983612612Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:11.139498021Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:11.296525154Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:11.455688606Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:11.609826048Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:11.768492468Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:11.922092558Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:12.079475042Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:12.242329879Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:12.396097449Z", "products": [ { "@id": "pkg:golang/k8s.io/controller-manager@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:12.54750066Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:12.702667906Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:12.857637512Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:13.012696577Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:13.16453091Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:13.31562367Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:13.47182651Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:13.620848651Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:13.778278477Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:13.9329122Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:14.086628691Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:14.241024423Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:14.3911435Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:14.546035914Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:14.699312683Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:14.853912567Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:15.012688317Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:15.167758393Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:15.320349168Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:15.478595457Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:15.635123498Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:15.791055467Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:15.946519794Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:16.09901648Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:16.256043883Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:16.409533252Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:16.565855773Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:16.727209633Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:16.883950226Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:17.0386067Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:17.19241827Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:17.344462104Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:17.493974017Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:17.64826374Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:17.806252537Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:17.96318473Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:18.116425758Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:18.273829843Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:18.431208268Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:18.585141229Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:18.742357193Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:18.900747882Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:19.056724721Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:19.209177697Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:19.360393557Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:19.518451994Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:19.672625006Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-api@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:19.827714922Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:19.978076539Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:20.135804555Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:20.287303517Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:20.44189983Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:20.598883554Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:20.756978951Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:20.915093219Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:21.067983196Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:21.223570153Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:21.376893082Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:21.533011182Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:21.68878603Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:21.848262153Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:22.00116275Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:22.154593039Z", "products": [ { "@id": "pkg:golang/k8s.io/cri-client@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:22.306836244Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:22.464792951Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:22.617341677Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:22.774422Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:22.92797886Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:23.082776344Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:23.239335766Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:23.39400773Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:23.551239424Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:23.707246953Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:23.866082784Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:24.023228368Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:24.177700671Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:24.333228619Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:24.486590847Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:24.637791488Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:24.794100918Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:24.95065135Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:25.109245179Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:25.264340745Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:25.424712721Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:25.579489726Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:25.732777265Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:25.890643751Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:26.0464083Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:26.200956653Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:26.35876817Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:26.512613332Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:26.670412665Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:26.829733115Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:26.986568604Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:27.140133701Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:27.294563711Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:27.447155613Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:27.60339047Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:27.763568463Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:27.916879229Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:28.070967817Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:28.228028698Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:28.383277501Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:28.537720851Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:28.692331962Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:28.848290668Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:29.001665323Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:29.157781Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:29.31229711Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:29.468727178Z", "products": [ { "@id": "pkg:golang/k8s.io/csi-translation-lib@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:29.622893467Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:29.773907743Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:29.931668457Z", "products": [ { "@id": "pkg:golang/k8s.io/dns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:30.087788913Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:30.243652299Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:30.397795768Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:30.555990043Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:30.713348435Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:30.86663528Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:31.025069716Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:31.180368299Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:31.336201235Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:31.488652547Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:31.645617727Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:31.803113769Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:31.955881002Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:32.11476453Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:32.271370169Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:32.42615324Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:32.577666888Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:32.733171112Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:32.888036104Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:33.04149533Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:33.198071059Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:33.351514645Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:33.504467709Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:33.655203084Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:33.814105552Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:33.96816045Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:34.124716818Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:34.282219461Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:34.440834217Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:34.593915912Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:34.75279418Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:34.906239546Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:35.061389468Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:35.218216448Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:35.375428329Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:35.529382597Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:35.68719986Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:35.844935744Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:35.99840518Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:36.150667851Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:36.308278954Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:36.466121447Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:36.621129819Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:36.776440783Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:36.930562702Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:37.090930905Z", "products": [ { "@id": "pkg:golang/k8s.io/dynamic-resource-allocation@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:37.25401915Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:37.406187191Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:37.571306614Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:37.727687641Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:37.886546289Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:38.041700302Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:38.197806639Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:38.353031212Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:38.506280557Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:38.664553702Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:38.819070872Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:38.973300992Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:39.128886446Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:39.283646497Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:39.435520277Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:39.591428643Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:39.75018573Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:39.908867127Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:40.066072768Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:40.223098268Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:40.378435242Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:40.534222667Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:40.688968289Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:40.8486903Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:41.003074219Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:41.159011735Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:41.318140154Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:41.472789865Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:41.626816633Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:41.784283465Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:41.93728576Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:42.095575075Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:42.25368195Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:42.409784696Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:42.56270242Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:42.722304759Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:42.875820032Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:43.029940118Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:43.184808607Z", "products": [ { "@id": "pkg:golang/k8s.io/endpointslice@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:43.34583749Z", "products": [ { "@id": "pkg:golang/k8s.io/externaljwt", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:43.50094755Z", "products": [ { "@id": "pkg:golang/k8s.io/externaljwt@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:43.658042328Z", "products": [ { "@id": "pkg:golang/k8s.io/externaljwt@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:43.816584941Z", "products": [ { "@id": "pkg:golang/k8s.io/externaljwt@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:43.972432594Z", "products": [ { "@id": "pkg:golang/k8s.io/externaljwt@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:44.131455979Z", "products": [ { "@id": "pkg:golang/k8s.io/externaljwt@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:44.289662741Z", "products": [ { "@id": "pkg:golang/k8s.io/externaljwt@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:44.447357191Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:44.600192982Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:44.756751187Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:44.914631218Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:45.06778271Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:45.221445394Z", "products": [ { "@id": "pkg:golang/k8s.io/kms", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:45.376836375Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:45.534318284Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:45.688306629Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:45.845271547Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:46.004562423Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:46.160512436Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:46.317681874Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:46.474167689Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:46.626235437Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:46.786175266Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:46.942186309Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:47.097055998Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:47.257044047Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:47.411803556Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:47.563744493Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:47.724064973Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:47.878758802Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:48.037684276Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:48.194685494Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:48.350423696Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:48.505504806Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:48.660809256Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:48.812727063Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:48.966305077Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:49.123047943Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:49.282658051Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:49.44005991Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:49.599840918Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:49.760837401Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:49.918674552Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:50.073865562Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:50.231525072Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:50.384803434Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:50.540424416Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:50.697440574Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:50.854445091Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:51.010705255Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:51.168493376Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:51.323298454Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:51.482662471Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:51.638134622Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:51.798981165Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:51.955779811Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:52.112193456Z", "products": [ { "@id": "pkg:golang/k8s.io/kms/plugins/mock@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:52.272152305Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:52.430257667Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:52.587881327Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:52.745873198Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:52.902005072Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:53.055050104Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:53.212846574Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:53.369685611Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:53.531114676Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:53.688124843Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:53.846968248Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:54.010718242Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:54.168466882Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:54.323838903Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:54.483391031Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:54.637052735Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:54.793748221Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:54.951966343Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:55.112266313Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:55.275983317Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:55.433201516Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:55.589333139Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:55.752868863Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:55.914528729Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:56.074418618Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:56.230330361Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:56.385829382Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:56.545053378Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:56.705423299Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:56.86594485Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:57.022377155Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:57.176723412Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:57.336839762Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:57.496840491Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:57.657125701Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:57.812128931Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:57.970745374Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:58.127888932Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:58.288244883Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:58.449612378Z", "products": [ { "@id": "pkg:golang/k8s.io/kms@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:58.612608379Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:58.770236755Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:58.931006841Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:59.093430045Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:59.253097587Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:59.412555258Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:59.56965356Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:59.734888614Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:31:59.897181376Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:00.058761216Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:00.217039753Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:00.378590072Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:00.5396372Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:00.703093157Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:00.867097016Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:01.026729318Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:01.194256511Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:01.353962363Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:01.514360328Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:01.672957096Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:01.833746303Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:01.995187612Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:02.154919544Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:02.32056516Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:02.48470207Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:02.646764981Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:02.810823791Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:02.971350256Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:03.130039984Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:03.288935504Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:03.447871713Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:03.613302238Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:03.772462428Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:03.932688032Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:04.097754115Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:04.259392105Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:04.422984453Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:04.57894248Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:04.742444158Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:04.902532851Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:05.065482766Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:05.226712715Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:05.38718068Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:05.546738602Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:05.707600238Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:05.875275402Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:06.032303674Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-aggregator@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:06.192270387Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:06.346379197Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:06.507303964Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:06.66294893Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:06.822841333Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:06.98357133Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:07.144382436Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:07.306800839Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:07.465877799Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:07.624549297Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:07.782690783Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:07.941216401Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:08.09769431Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:08.258264446Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:08.417933108Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:08.576037804Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:08.734816832Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:08.89829524Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:09.056856087Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:09.220865197Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:09.382396246Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:09.543040052Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:09.702899615Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:09.863701251Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:10.027235899Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:10.190285874Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:10.349791725Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:10.50775722Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:10.670099933Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:10.829877895Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:10.989364137Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:11.155825926Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:11.322547076Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:11.484782088Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:11.644066608Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:11.806628772Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:11.968289721Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:12.127940623Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:12.287710616Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:12.446220013Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:12.604213269Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:12.763004267Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:12.9227458Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:13.084068379Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:13.241452462Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:13.401931657Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:13.558499817Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-controller-manager@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:13.718065468Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:13.874012176Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:14.033861188Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:14.192703557Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:14.348688295Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:14.502964156Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:14.658430821Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:14.818315885Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:14.97570092Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:15.13420752Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:15.294469726Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:15.453840399Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:15.611862986Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:15.771655811Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:15.928924375Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:16.091633371Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:16.256122054Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:16.419393963Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:16.583326383Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:16.744944785Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:16.910246861Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:17.069941135Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:17.229976021Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:17.396124091Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:17.558174904Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:17.7209495Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:17.883582436Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:18.046648914Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:18.207471702Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:18.369845307Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:18.533802198Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:18.69543855Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:18.855366395Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:19.014863208Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:19.178189326Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:19.337118827Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:19.49908488Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:19.66021635Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:19.82399392Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:19.988592774Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:20.146872242Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:20.311017434Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:20.471428711Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:20.636127715Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:20.797442736Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:20.959350578Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:21.123593761Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-proxy@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:21.286259516Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:21.451211051Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:21.608191965Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:21.771743924Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:21.934050399Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:22.093568112Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:22.256097027Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:22.415886822Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:22.578738408Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:22.736772656Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:22.897238753Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:23.057961971Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:23.221289409Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:23.377926091Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:23.542176434Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:23.704635449Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:23.868003677Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:24.032284129Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:24.192465615Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:24.35974115Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:24.520305097Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:24.680861815Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:24.8434057Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:25.005447234Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:25.165486869Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:25.327273241Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:25.49070395Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:25.651231618Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:25.817187756Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:25.983275676Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:26.144161905Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:26.306952961Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:26.469383626Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:26.633186616Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:26.798170441Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:26.960209635Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:27.124142246Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:27.289241261Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:27.452096628Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:27.617175313Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:27.781222595Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:27.946574261Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:28.109254897Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:28.269484643Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:28.432713581Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:28.597254475Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:28.762011109Z", "products": [ { "@id": "pkg:golang/k8s.io/kube-scheduler@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:28.926498592Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:29.090100372Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:29.252855208Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:29.412951884Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:29.57320368Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:29.731161477Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:29.891664234Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:30.055525485Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:30.219440426Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:30.381519199Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:30.54042669Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:30.70163492Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:30.868740594Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:31.031215129Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:31.198480606Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:31.358417975Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:31.521419685Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:31.686650834Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:31.845792149Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:32.010769618Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:32.177545923Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:32.342674932Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:32.505624612Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:32.66536184Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:32.826462332Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:32.989137762Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:33.150912647Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:33.313350875Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:33.475794344Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:33.637982711Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:33.80066343Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:33.965033976Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:34.127514144Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:34.289574851Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:34.452110849Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:34.612023837Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:34.780006448Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:34.940774819Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:35.104045311Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:35.265633735Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:35.42476666Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:35.58749124Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:35.747467978Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:35.911395052Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:36.074928945Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:36.237759574Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:36.400101952Z", "products": [ { "@id": "pkg:golang/k8s.io/kubectl@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:36.558175603Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:36.717306488Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:36.877843809Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:37.036453141Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:37.202701165Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:37.363509106Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:37.52220378Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:37.686283154Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:37.845959551Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:38.010857559Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:38.175395916Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:38.33431761Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:38.494132268Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:38.658830915Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:38.818313091Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:38.982809588Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:39.144117601Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:39.310410285Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:39.476246897Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:39.636763127Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:39.800555511Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:39.962802168Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:40.12352422Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:40.283626128Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:40.443970288Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:40.601111705Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:40.761246014Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:40.927797189Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:41.089855085Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:41.252182703Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:41.420696806Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:41.582746522Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:41.745501362Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:41.909114885Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:42.069723145Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:42.234822874Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:42.395060164Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:42.556731939Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:42.718916506Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:42.884467367Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:43.05078352Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:43.211347501Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:43.372829335Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:43.537640343Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:43.699407568Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:43.86280156Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:44.026113492Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:44.189962426Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:44.356618711Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:44.519108589Z", "products": [ { "@id": "pkg:golang/k8s.io/kubelet@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:44.685567923Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:44.85003842Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:45.019276265Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:45.18589291Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:45.35384508Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:45.525433674Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:45.689195958Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:45.853384123Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:46.022078406Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:46.189653865Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:46.357612665Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:46.520067953Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:46.686399837Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:46.854737689Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:47.022384068Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:47.184907186Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:47.35141444Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:47.518734966Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:47.685034739Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:47.847926728Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:48.017860935Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:48.182718802Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:48.349601327Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:48.510485598Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:48.681845921Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:48.84988362Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:49.017012377Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:49.184749635Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:49.351003677Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:49.518880396Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:49.68540475Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:49.849958315Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:50.018480867Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:50.182176079Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:50.346080592Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:50.509782555Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:50.676619569Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:50.844516299Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:51.007737509Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:51.172773497Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:51.338038605Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:51.503913086Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:51.672105486Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:51.839162142Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:52.003017605Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:52.16742156Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:52.332129596Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:52.499002561Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:52.662575583Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:52.826858557Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:52.990088328Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:53.152707596Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:53.314550441Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:53.479416348Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:53.647908029Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:53.809556893Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:53.975999916Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:54.138370503Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:54.301758704Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:54.465909279Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:54.634065469Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:54.79758497Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:54.958832023Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:55.123577929Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:55.284146089Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:55.448203983Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:55.609783017Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:55.772566855Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:55.940313554Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:56.105174651Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:56.271175132Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:56.436833152Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:56.602587333Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:56.769336317Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:56.931195912Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:57.097490255Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:57.259146789Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:57.425336161Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:57.587788998Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:57.749736014Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:57.910178373Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:58.074939469Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:58.237313056Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:58.399563573Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:58.565010712Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:58.726943337Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:58.895211718Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:59.060154615Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:59.224250449Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:59.386631326Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:59.551931055Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:59.718171437Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:32:59.883944818Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:00.047446029Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:00.209851416Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:00.373523108Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:00.537411541Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:00.701601266Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:00.862057895Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:01.028494188Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:01.190463514Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:01.351169204Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:01.515631529Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:01.680881848Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:01.848309305Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:02.01279049Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:02.173675062Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:02.339501902Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:02.504226079Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:02.669297156Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:02.830326638Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:02.993252187Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:03.159170178Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:03.324359893Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:03.486556202Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:03.65315955Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:03.818417872Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:03.98268514Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:04.146363256Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:04.312306961Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:04.481588449Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:04.64658258Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:04.812709426Z", "products": [ { "@id": "pkg:golang/k8s.io/metrics@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:04.979137553Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:05.146563793Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:05.311481884Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:05.479180506Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:05.651260936Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:05.823094645Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:05.989376511Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:06.153345038Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:06.318872511Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:06.487079805Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:06.656096562Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:06.822195388Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:06.98757436Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:07.154422319Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:07.323457366Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:07.4891903Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:07.652903586Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:07.819556884Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:07.988409331Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:08.155788061Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:08.32265638Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:08.4898631Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:08.651860079Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:08.820689325Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:08.988660199Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:09.155304216Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:09.317569626Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:09.482326936Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:09.647600738Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:09.815101709Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:09.980770783Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:10.14728584Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:10.315444514Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:10.480508276Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:10.644738953Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:10.808426489Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:10.97572505Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:11.143382231Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:11.309945919Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:11.483489014Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:11.651747139Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:11.815822766Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:11.984373141Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:12.15624349Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:12.32334065Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:12.497385688Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:12.663513123Z", "products": [ { "@id": "pkg:golang/k8s.io/pod-security-admission@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:12.828820916Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:12.995955395Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:13.160959567Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:13.325943857Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:13.489548293Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:13.655851689Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:13.824059653Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:13.988529152Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:14.156686616Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:14.326394296Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:14.49217099Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:14.65432132Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:14.81920573Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:14.98399164Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:15.150833619Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:15.318654671Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:15.486894426Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:15.654156036Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:15.821693977Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:15.984555749Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:16.15680107Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:16.32894904Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:16.499709685Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:16.665032897Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:16.832836509Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:16.996086563Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:17.162098948Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:17.330486183Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:17.499070629Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:17.668348677Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:17.839680784Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:18.00349898Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:18.167942799Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:18.332151727Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:18.496503955Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:18.660601703Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:18.82961779Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:18.997505113Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:19.165755407Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:19.330990389Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:19.500105427Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:19.668229733Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:19.83293282Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:19.997776297Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:20.164808983Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:20.329833511Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:20.49747668Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-apiserver@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:20.660030438Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:20.823946241Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:20.985323615Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:21.152999703Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:21.316227584Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:21.48064438Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:21.648464009Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:21.816247048Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:21.979587089Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:22.148486833Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:22.31070898Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:22.480500206Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:22.645750805Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:22.80981368Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:22.971731915Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:23.136524422Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:23.302053242Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:23.465547174Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:23.63243759Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:23.798224531Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:23.965910959Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:24.130960547Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:24.295980215Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:24.462028107Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:24.6255599Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:24.786823883Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:24.950922007Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:25.120100571Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:25.286678146Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:25.454982737Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:25.620967419Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:25.787863624Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:25.954656579Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:26.117388608Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:26.287119405Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:26.455360406Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:26.622434132Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:26.789444158Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:26.95544554Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:27.117349385Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:27.284804903Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:27.451335527Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:27.61752967Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:27.783643002Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:27.945269386Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:28.108502587Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:28.278313364Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-cli-plugin@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:28.441822716Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:28.607665227Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:28.774743604Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:28.944641001Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:29.111565287Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:29.281656495Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:29.447839217Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:29.611762821Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:29.778265665Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:29.943525974Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:30.105327639Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:30.270945819Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:30.434882933Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:30.598059684Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:30.764707378Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:30.932138546Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:31.104183482Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:31.268483697Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:31.435652674Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:31.598925945Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:31.764309224Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:31.932108433Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:32.099820162Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:32.270048311Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:32.433556032Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:32.601521962Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:32.769892504Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:32.937459252Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.30.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:33.100452682Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.30.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:33.268756793Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.30.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:33.438794631Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.30.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:33.606103768Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.30.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:33.774408019Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.30.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:33.941858327Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:34.110575109Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:34.278023907Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:34.447702924Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:34.613505405Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:34.777592319Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:34.940303108Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:35.105562427Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.31.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:35.2745196Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:35.446603946Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.32.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:35.614555406Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.32.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:35.784583684Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:35.96169962Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:36.13718573Z", "products": [ { "@id": "pkg:golang/k8s.io/sample-controller@v1.32.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:36.312296418Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:36.483104399Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.27.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:36.655340596Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cluster-api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:36.824757732Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:36.996072465Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:37.16544017Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cri-tools@v1.31.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:37.335765029Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/cri-tools@v1.32.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.30.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:37.508098596Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:37.680424373Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:37.847201468Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:38.010263499Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server@v0.7.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:38.181712022Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/metrics-server@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.28.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:38.355728816Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:38.531104835Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:38.701214894Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:38.871355212Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.14.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:39.038634929Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.15.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:39.206200237Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/node-feature-discovery@v0.15.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45338", "aliases": [ "GHSA-w32m-9786-jp63", "GO-2024-3333" ] }, "timestamp": "2025-07-16T13:33:39.3750595Z", "products": [ { "@id": "pkg:golang/sigs.k8s.io/prometheus-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/net@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:39.544175725Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:39.717600576Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:39.888533238Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:40.056885299Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:40.23013803Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:40.396817325Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:40.568399419Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:40.735284974Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:40.907977283Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:41.077149897Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:41.251160531Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:41.424663613Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:41.59687346Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:41.764858659Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.0.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:41.935922641Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.7", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:42.100933639Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:42.26667556Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:42.438546346Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:42.606115914Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:42.781608493Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:42.95626813Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:43.128827758Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:43.300471022Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:43.478200341Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:43.651873563Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:43.817837305Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:43.992394061Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:44.168584374Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:44.343937403Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:44.516425711Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:44.691385228Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:44.867655221Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:45.037391208Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:45.20582074Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:45.375581106Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:45.549135668Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:45.722981122Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:45.894023564Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:46.068893751Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:46.238910829Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:46.409919901Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:46.581163383Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:46.750245328Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:46.919358092Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:47.087369832Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.4.3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:47.259171327Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:47.43038616Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-dev.2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:47.60096395Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:47.772909585Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:47.943037544Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:48.109698008Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:48.281214522Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:48.456458981Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:48.626454529Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:48.796515337Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:48.967379838Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:49.137907938Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:49.314161971Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:49.485733765Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:49.665886293Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:49.837688868Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:50.015358547Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:50.188556737Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:50.357922943Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.1.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-45339", "aliases": [ "GHSA-6wxm-mpqj-6jpf", "GO-2025-3372" ] }, "timestamp": "2025-07-16T13:33:50.52532871Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang/glog@v1.2.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:50.69838541Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:50.871559781Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.3" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:51.047721743Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:51.21752636Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.15.5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:51.384474926Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:51.557445315Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:51.729411631Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:51.896603248Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:52.065828133Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:52.24305091Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:52.410228647Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:52.585868368Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:52.75430826Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:52.924531629Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:53.098356633Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:53.273889943Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:53.445429698Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:53.615558457Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:53.788607617Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:53.961632388Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:54.137945001Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:54.313529992Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:54.490359097Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:54.660846568Z", "products": [ { "@id": "pkg:golang/github.com/minio/mc", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:54.837808554Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:55.013143983Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:55.193161592Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:55.366096852Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:55.535411507Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:55.710012754Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:55.885039712Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:56.05496051Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:56.227398879Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.28.13-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:56.397640618Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241012053846-6cbbd2736730-build20241014", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:56.568202508Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241016053521-9510ac25fefb-build20241016", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:56.743557708Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.3-build20240515", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:56.917631823Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.8-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:57.087832172Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250612", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:57.259182286Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250613", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:57.429928187Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.4-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:57.601690662Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241012053748-29fd916cc958-build20241014", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:57.771112978Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241016053533-5ec454f50e7a-build20241016", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:57.943880868Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.0-build20240910", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:58.11991306Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241012053821-d74ad4253a54-build20241014", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:58.293859124Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241016053446-0955fa330f90-build20241016", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:58.466838924Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.9-rc1.0.20250516171836-812206503b28-build20250612", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:58.642475915Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc2.0.20241220224140-68fbd1a6b543-build20241231", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:58.814302461Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc3.0.20241220224140-68fbd1a6b543-build20250101", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:58.985704355Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.5-rc1.0.20250516182639-8e8f2a4726fd-build20250612", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:59.160144551Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.0-rc1.0.20250430074337-dc03cb4b3faa-build20250430", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:59.337648689Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.1-0.20250516163953-99d91538b132-build20250612", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:59.511010801Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:59.684029491Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:33:59.857329343Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:00.027204081Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:00.202240459Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:00.377004056Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:00.553517001Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:00.731901053Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher128", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:00.908157906Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher129", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:01.083207704Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher130", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:01.259866569Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:01.439696697Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt@v3.2.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:01.619009162Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:01.799225571Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.14-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:01.978087405Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:02.156182596Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.5-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:02.337288648Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:02.519319665Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.8.6-rc3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt@v3.2.1+incompatible" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:02.698089168Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:02.87903949Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher@v2.9.8-rc1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:03.052749443Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:03.229344538Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.10.7", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:03.401241024Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.10", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:03.574895827Z", "products": [ { "@id": "pkg:golang/github.com/traefik/traefik/v2@v2.11.8", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:03.748037778Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:03.920198905Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:04.096473258Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:04.268304714Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:04.4428277Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:04.617035355Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:04.793260548Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:04.965784617Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdctl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:05.140855575Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:05.318733135Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.10", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:05.48779423Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.12", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:05.657519827Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.14", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:05.836036769Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.15", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:06.003016186Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.16", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:06.172407601Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.17", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:06.346389616Z", "products": [ { "@id": "pkg:golang/go.etcd.io/etcd/etcdutl/v3@v3.5.9", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:06.520658021Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:06.693663261Z", "products": [ { "@id": "pkg:golang/k8s.io/client-go@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:06.867653896Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:07.04179007Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:07.220020082Z", "products": [ { "@id": "pkg:golang/k8s.io/kubernetes@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:07.391491226Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:07.567327247Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:07.744345304Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:07.917086683Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.25.12", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:08.088391067Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.15", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:08.26450423Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.26.9", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.2.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:08.444045545Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:08.620470248Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.10", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:08.795465975Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.15", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:08.968382783Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.27.16", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.4.2" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:09.141785844Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.11", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:09.312746595Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.12", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:09.48235135Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.13", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:09.65825713Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.28.15", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:09.83381717Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:10.004468309Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.1", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:10.178198861Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.10", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:10.352455925Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.12", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:10.529226929Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.14", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:10.706508615Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.15", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:10.882031324Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.2", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:11.057291372Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.3", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:11.233526494Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.7", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-51744", "aliases": [ "GHSA-29wx-vh33-7x7r", "GO-2024-3250" ] }, "timestamp": "2025-07-16T13:34:11.40823493Z", "products": [ { "@id": "pkg:golang/k8s.io/legacy-cloud-providers@v1.29.9", "subcomponents": [ { "@id": "pkg:golang/github.com/golang-jwt/jwt/v4@v4.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-52280" }, "timestamp": "2025-07-16T13:34:11.582844906Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/steve@v0.0.0-20231016202603-993540401906" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "rancher/steve is a transitory dependency for the kube-api-auth, because rancher/rancher is a dependency, however it's not used in any way." }, { "vulnerability": { "name": "CVE-2024-52280" }, "timestamp": "2025-07-16T13:34:11.755727404Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/steve@v0.0.0-20240709130809-47871606146c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "rancher/steve is a transitory dependency for the kube-api-auth, because rancher/rancher is a dependency, however it's not used in any way." }, { "vulnerability": { "name": "CVE-2024-52280" }, "timestamp": "2025-07-16T13:34:11.932508148Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/github.com/rancher/steve@v0.0.0-20240913181958-99e479ba0f08" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "rancher/steve is a transitory dependency for the kube-api-auth, because rancher/rancher is a dependency, however it's not used in any way." }, { "vulnerability": { "name": "CVE-2024-8986", "aliases": [ "GHSA-xxxw-3j6h-q7h6", "GO-2024-3140" ] }, "timestamp": "2025-07-16T13:34:12.1085977Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/grafana/grafana-plugin-sdk-go@v0.218.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2024-8986", "aliases": [ "GHSA-xxxw-3j6h-q7h6", "GO-2024-3140" ] }, "timestamp": "2025-07-16T13:34:12.280613885Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/github.com/grafana/grafana-plugin-sdk-go@v0.234.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:12.451458385Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:12.627307275Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:12.794797732Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.15", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:12.96771093Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.16", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:13.142630757Z", "products": [ { "@id": "pkg:golang/github.com/Mirantis/cri-dockerd@v0.3.17-k3s1.32", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:13.322862885Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/kube-bench", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:13.494016097Z", "products": [ { "@id": "pkg:golang/github.com/aquasecurity/kube-bench@v0.10.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:13.671196292Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:13.840070535Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:14.014125658Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.14.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:14.188769133Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.15.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:14.35884929Z", "products": [ { "@id": "pkg:golang/github.com/brancz/kube-rbac-proxy@v0.18.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:14.530656515Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:14.705401291Z", "products": [ { "@id": "pkg:golang/github.com/buildpacks/lifecycle@v0.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:14.877683037Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:15.04939046Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:15.22494742Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:15.398853762Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:15.572946895Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.15.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:15.746271886Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:15.922885969Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:16.096667161Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:16.270870815Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:16.445983042Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:16.621641392Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.16.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:16.791456518Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.17.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:16.961125874Z", "products": [ { "@id": "pkg:golang/github.com/cilium/cilium@v1.17.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:17.13850312Z", "products": [ { "@id": "pkg:golang/github.com/cloudnativelabs/kube-router/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:17.312820524Z", "products": [ { "@id": "pkg:golang/github.com/cloudnativelabs/kube-router/v2@v2.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:17.489120497Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:17.663099899Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:17.836908462Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd/v2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:18.005884114Z", "products": [ { "@id": "pkg:golang/github.com/containerd/containerd@v1.7.27-k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:18.177326907Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220822191816-0ebed06d0094" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:18.347755066Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:18.523662666Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:18.696555935Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:18.869647954Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:19.043007464Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.10.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.3.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:19.219398497Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:19.39341544Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:19.567132812Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.12.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:19.740430012Z", "products": [ { "@id": "pkg:golang/github.com/coredns/coredns@v1.9.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220822191816-0ebed06d0094" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:19.912113335Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220223155221-ee480838109b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:20.084808483Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:20.258468935Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:20.430386579Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:20.605107865Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220223155221-ee480838109b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:20.775869335Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:20.949257925Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.32.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:21.120111726Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.40.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:21.291125016Z", "products": [ { "@id": "pkg:golang/github.com/derailed/k9s@v0.50.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:21.464551667Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:21.63843948Z", "products": [ { "@id": "pkg:golang/github.com/dexidp/dex@v2.37.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:21.809654451Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:21.982321739Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:22.157709597Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:22.330947117Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.21.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:22.504328238Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:22.676636344Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:22.849711563Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.25.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:23.025917885Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:23.200612751Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:23.375367817Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:23.551437338Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:23.726567455Z", "products": [ { "@id": "pkg:golang/github.com/flannel-io/flannel@v0.26.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:23.899097073Z", "products": [ { "@id": "pkg:golang/github.com/flavio/kuberlr", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:24.068594397Z", "products": [ { "@id": "pkg:golang/github.com/flavio/kuberlr", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:24.24740893Z", "products": [ { "@id": "pkg:golang/github.com/flavio/kuberlr@v0.5.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:24.421551763Z", "products": [ { "@id": "pkg:golang/github.com/flavio/kuberlr@v0.5.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:24.594312684Z", "products": [ { "@id": "pkg:golang/github.com/flavio/kuberlr@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:24.763943704Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:24.935954447Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:25.106616942Z", "products": [ { "@id": "pkg:golang/github.com/grafana/grafana", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:25.276526324Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220524215830-622c5d57e401" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:25.445865353Z", "products": [ { "@id": "pkg:golang/github.com/hairyhenderson/gomplate/v3@v3.11.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220524215830-622c5d57e401" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:25.620206377Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:25.793125214Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:25.968449752Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:26.140231253Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.6.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:26.312633788Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:26.488329838Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v0.7.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:26.660975714Z", "products": [ { "@id": "pkg:golang/github.com/harvester/docker-machine-driver-harvester@v1.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:26.841933011Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:27.016779278Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:27.190191997Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:27.363200784Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:27.536680974Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:27.706556675Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:27.881569253Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:28.053484655Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-cloud-provider@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:28.226267141Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:28.393358518Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:28.567938263Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:28.742002156Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:28.914764122Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:29.091065376Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:29.266006053Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.1.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.14.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:29.443938625Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:29.618234198Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:29.791498947Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-csi-driver@v0.2.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:29.966036092Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:30.138182355Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v0.4.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:30.314631599Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:30.487901008Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:30.662058771Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:30.834323375Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:31.012781419Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:31.184799441Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:31.35912642Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:31.538558068Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-dev.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:31.714525393Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:31.894908116Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:32.068683772Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:32.243213571Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:32.418018692Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-load-balancer@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:32.593854946Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:32.770370103Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.4.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:32.944913583Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v0.5.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:33.115925058Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:33.289694024Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:33.464414934Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:33.64057552Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:33.817465888Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:33.997221608Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:34.177869802Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:34.355775135Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:34.532619223Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:34.709311431Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester-network-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:34.885824778Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:35.060001686Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:35.232497387Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:35.411621725Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:35.586889657Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.4.3-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:35.767604261Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:35.943467235Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:36.115170493Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:36.291328579Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:36.471860912Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:36.649215663Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:36.823597221Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:36.996440054Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:37.17028458Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:37.346906838Z", "products": [ { "@id": "pkg:golang/github.com/harvester/harvester@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:37.521488347Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:37.695882036Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v0.1.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:37.870727266Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:38.045696387Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.0-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:38.221645082Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.0-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:38.394031063Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:38.569030064Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:38.740685762Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:38.916688067Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:39.091222496Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:39.263643447Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:39.431968631Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:39.609819973Z", "products": [ { "@id": "pkg:golang/github.com/harvester/networkfs-manager@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:39.785785478Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:39.962954898Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:40.137572298Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v0.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:40.310616471Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v0.7.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:40.489128766Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v0.7.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:40.666814768Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:40.838244986Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:41.010751479Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:41.188862624Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:41.361300787Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:41.530046185Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-disk-manager@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:41.701950825Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:41.878136803Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:42.058607188Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:42.235196057Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.2.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:42.411550466Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:42.585348064Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:42.757835797Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:42.927744169Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:43.10217174Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:43.277850806Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:43.449305085Z", "products": [ { "@id": "pkg:golang/github.com/harvester/node-manager@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:43.626630097Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:43.802806155Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:43.983220779Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v0.4.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:44.152482039Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:44.322960294Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-dev.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:44.500890369Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:44.677247137Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:44.852856393Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.0-rc5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:45.030428686Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:45.204601666Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-dev.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:45.379704909Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:45.561188628Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:45.736362012Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:45.906603486Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:46.085589405Z", "products": [ { "@id": "pkg:golang/github.com/harvester/pcidevices@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:46.259682304Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:46.431589655Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:46.608307635Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:46.785311316Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v0.3.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:46.958607202Z", "products": [ { "@id": "pkg:golang/github.com/harvester/seeder@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:47.131950228Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:47.305399095Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:47.481816604Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v0.3.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:47.653653924Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:47.828382216Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:48.003407069Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:48.178679433Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:48.351844859Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:48.529345012Z", "products": [ { "@id": "pkg:golang/github.com/harvester/vm-import-controller@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:48.704855317Z", "products": [ { "@id": "pkg:golang/github.com/hashicorp/consul", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:48.881681897Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:49.060895047Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:49.237820518Z", "products": [ { "@id": "pkg:golang/github.com/helm/helm-mapkubeapis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:49.413082862Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:49.591741639Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:49.766814703Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:49.940699271Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:50.118043074Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:50.295165775Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.5.1-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:50.471197522Z", "products": [ { "@id": "pkg:golang/github.com/heptiolabs/eventrouter@v1.6.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:50.641227525Z", "products": [ { "@id": "pkg:golang/github.com/jet/kube-webhook-certgen", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:50.818218876Z", "products": [ { "@id": "pkg:golang/github.com/jet/kube-webhook-certgen@v1.12.0-hardened11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:50.996562653Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/helm-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:51.173488313Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/helm-controller", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:51.349182439Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/helm-controller@v0.15.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:51.522386945Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/helm-controller@v0.16.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:51.692747769Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/helm-controller@v0.16.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:51.871319347Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:52.048754239Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:52.226010282Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:52.402785832Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.30.12-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:52.575050184Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:52.749616935Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.31.8-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:52.921135594Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:53.095506104Z", "products": [ { "@id": "pkg:golang/github.com/k3s-io/k3s@v1.32.4-rc1+k3s1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:53.271735582Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:53.445795281Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/network-resources-injector@v1.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:53.618123384Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:53.799089971Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:53.968388001Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin@v3.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:54.143102383Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-device-plugin@v3.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:54.319585852Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:54.495431438Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/sriov-network-operator@v1.3.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:54.669474177Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/whereabouts", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:54.847745483Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/whereabouts", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:55.023877921Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/whereabouts@v0.8.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:55.201164213Z", "products": [ { "@id": "pkg:golang/github.com/k8snetworkplumbingwg/whereabouts@v0.9.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:55.374110518Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:55.545044424Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:55.720841881Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:55.893669675Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:56.071377859Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.6.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:56.245619659Z", "products": [ { "@id": "pkg:golang/github.com/kiali/kiali@v1.89.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.19.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:56.422954921Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:56.59947716Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:56.777504365Z", "products": [ { "@id": "pkg:golang/github.com/kube-logging/logging-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.5.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:56.953009041Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20221014153046-6fdb5e3db783" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:57.127673084Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:57.310904482Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.6.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20221014153046-6fdb5e3db783" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:57.483292617Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.8.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:57.658053311Z", "products": [ { "@id": "pkg:golang/github.com/kube-vip/kube-vip@v0.8.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:57.83163463Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:58.004174375Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:58.187185342Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:58.363611153Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-attacher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:58.540721626Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:58.716417343Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:58.900262234Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-provisioner/v5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:59.072285377Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-resizer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:59.247921324Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-resizer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:59.422484587Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-resizer", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:59.597480962Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/client/v8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:59.776218742Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/client/v8@v8.3.0-20250709", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:34:59.946350657Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.1.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:00.125141588Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:00.304944932Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:00.481401883Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:00.660313693Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-csi/external-snapshotter/v8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:00.837507107Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:01.014981562Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:01.190224298Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:01.365047462Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:01.541789834Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.10.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:01.72205566Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.8.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:01.899946156Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.8.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:02.078759016Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cluster-proportional-autoscaler@v1.9.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:02.25831841Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220223155221-ee480838109b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:02.438972137Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:02.612131145Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:02.790086162Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:02.966525602Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.26.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220223155221-ee480838109b" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:03.14717261Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.28.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:03.327320616Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:03.502687632Z", "products": [ { "@id": "pkg:golang/github.com/kubernetes-sigs/cri-tools@v1.30.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:03.677603726Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:03.85722023Z", "products": [ { "@id": "pkg:golang/github.com/linode/docker-machine-driver-linode@v0.1.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.9.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:04.032272325Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/cli", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:04.210751064Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/cli", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:04.386705712Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/cli@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:04.563789006Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/cli@v1.8.2-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:04.741665902Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/cli@v1.8.2-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:04.917608521Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/cli@v1.8.2-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:05.095360637Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/cli@v1.9.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:05.276999348Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:05.454159962Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:05.62985868Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:05.80620918Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:05.983791935Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-instance-manager@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:06.16123211Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:06.341846707Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:06.524693694Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:06.698619074Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:06.877490195Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:07.056039394Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250406", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:07.236573401Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250420", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:07.421715157Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250504", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:07.598848011Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250518", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:07.775875514Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250601", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:07.95367962Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250615", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:08.13001654Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.6.5-dev-20250629", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:08.307771726Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:08.488449044Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:08.667322434Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:08.846566916Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.8.2-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:09.025625097Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.8.2-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:09.201142214Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.8.2-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:09.381568671Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-manager@v1.8.3-dev-20250615", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:09.559113096Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:09.738208968Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:09.911486186Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:10.085873838Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250223", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:10.263345403Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250309", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:10.442228633Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250323", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:10.619397747Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250406", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:10.788151627Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250420", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:10.966561695Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250504", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:11.140177784Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250518", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:11.315577471Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250601", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:11.493485918Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250615", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:11.670652871Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.6.5-dev-20250629", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:11.84670717Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.7.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:12.019009274Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.7.4-dev-20250223", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:12.198297336Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.7.4-dev-20250309", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:12.374947168Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.8.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:12.55422536Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:12.729695817Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.8.2-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:12.910448275Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.8.2-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:13.082002356Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.8.2-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:13.257338781Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.8.3-dev-20250615", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:13.436941154Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.9.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:13.618069292Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.9.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:13.794281601Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.9.0-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:13.968621413Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.9.0-rc3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:14.147391022Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.9.0-rc4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:14.324329294Z", "products": [ { "@id": "pkg:golang/github.com/longhorn/longhorn-share-manager@v1.9.1-dev-20250601", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:14.503986716Z", "products": [ { "@id": "pkg:golang/github.com/messagebird/sachet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20210514164344-f6687ab2804c" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:14.679471732Z", "products": [ { "@id": "pkg:golang/github.com/minio/minio", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:14.855504461Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:15.02933083Z", "products": [ { "@id": "pkg:golang/github.com/open-policy-agent/gatekeeper/v3@v3.13.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:15.205316158Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:15.382710411Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:15.560862248Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.28.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:15.73542719Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.28.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:15.911158067Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:16.08831897Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:16.265109051Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/api@v3.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:16.442973097Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:16.619786938Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:16.798872599Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:16.974778256Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:17.154305498Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:17.333129938Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.26.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.7.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:17.508235022Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:17.684545082Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:17.861140262Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.27.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:18.041546058Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.28.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:18.220894669Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.28.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:18.399204107Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.29.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:18.57915547Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.29.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:18.753562142Z", "products": [ { "@id": "pkg:golang/github.com/projectcalico/calico@v3.29.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:18.927833303Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:19.103981742Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator/pkg/client", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:19.288975006Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator/pkg/client@v0.80.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:19.468043416Z", "products": [ { "@id": "pkg:golang/github.com/prometheus-operator/prometheus-operator@v0.80.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:19.646667935Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220909003341-f21342109be1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:19.826473178Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:20.004675115Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:20.18488184Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:20.359754824Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.25.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20220909003341-f21342109be1" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:20.538230082Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.26.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:20.714640792Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.27.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:20.89336998Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/alertmanager@v0.28.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:21.072906473Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:21.254456423Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:21.43270468Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.7.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:21.612232262Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/node_exporter@v1.8.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.18.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:21.790108868Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:21.974102118Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:22.156247461Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:22.335483172Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:22.513056326Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:22.691906266Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:22.873383786Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.302.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:23.052715657Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:23.234335028Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:23.414793414Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.50.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:23.595651782Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.53.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:23.779016369Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v0.55.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:23.95811422Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.42.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:24.135113412Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.45.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:24.31352279Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.50.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:24.491004574Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.53.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:24.667988566Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v2.55.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:24.849062554Z", "products": [ { "@id": "pkg:golang/github.com/prometheus/prometheus@v3.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:25.021194587Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:25.193777061Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:25.37498027Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:25.550595956Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:25.725213459Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:25.902327431Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:26.077908488Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.4-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:26.254066906Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.4-rc.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:26.427407844Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:26.604095744Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.5-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:26.781322357Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:26.960577178Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.6-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:27.134735609Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.10.7-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:27.309725493Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:27.49031335Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.11.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:27.672169111Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.11.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:27.85083438Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.11.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:28.032056019Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:28.209791334Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.11.3-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:28.387434939Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.11.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:28.56681779Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.9.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:28.743637492Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.9.10-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:28.919309898Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.9.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:29.099110442Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.9.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:29.277234188Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.9.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:29.455529826Z", "products": [ { "@id": "pkg:golang/github.com/rancher/aks-operator@v1.9.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:29.633857113Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:29.813489626Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:29.991592853Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:30.172976403Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:30.349594513Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:30.52761841Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:30.705373025Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:30.885917201Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:31.064118948Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:31.245252857Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:31.427870482Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:31.604453333Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:31.784872189Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:31.964470241Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:32.144789147Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:32.323265785Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:32.505621199Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:32.685431682Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:32.864365452Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:33.043974675Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:33.226155308Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:33.408808083Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:33.587780973Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator/tests@v8.0.0-rc.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:33.764931746Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v0.0.0-kuberlr.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:33.943360734Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v0.0.0-kuberlr.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:34.122163324Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v0.0.0-kuberlr.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:34.303647494Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v5.0.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:34.482345233Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v5.0.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:34.667293577Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v6.0.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:34.848335706Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v6.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:35.02838985Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v7.0.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:35.209440509Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v7.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:35.388569049Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v7.0.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:35.570980373Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v8.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:35.749455682Z", "products": [ { "@id": "pkg:golang/github.com/rancher/backup-restore-operator@v8.0.0-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:35.926042262Z", "products": [ { "@id": "pkg:golang/github.com/rancher/cis-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:36.105199343Z", "products": [ { "@id": "pkg:golang/github.com/rancher/cis-operator@v1.2.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:36.28331797Z", "products": [ { "@id": "pkg:golang/github.com/rancher/cis-operator@v1.2.7-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:36.460238042Z", "products": [ { "@id": "pkg:golang/github.com/rancher/cis-operator@v1.3.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:36.639919125Z", "products": [ { "@id": "pkg:golang/github.com/rancher/cis-operator@v1.3.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:36.821086094Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:36.998555698Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:37.174568196Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:37.359130009Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:37.539222753Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:37.716393776Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v3.0.1-rc2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:37.89370294Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v4.0.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:38.076343565Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v5.0.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:38.252344823Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v6.0.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:38.428313731Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v6.0.0-rc1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:38.607826313Z", "products": [ { "@id": "pkg:golang/github.com/rancher/csp-adapter@v7.0.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:38.780797649Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.20.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:38.958788346Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:39.139465863Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:39.314302616Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:39.493871239Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:39.670161778Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:39.850095102Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:40.027046554Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.5-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:40.208259623Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:40.384697253Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.6-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:40.563979295Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.10.7-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:40.741401599Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:40.919949907Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:41.09963366Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.1-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:41.279172492Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:41.454613119Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.2-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:41.632952736Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:41.810996033Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.3-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:41.988856378Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.11.4-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:42.169055073Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.10", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:42.343623176Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.10-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:42.524311513Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:42.706828007Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:42.885907978Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:43.062042277Z", "products": [ { "@id": "pkg:golang/github.com/rancher/eks-operator@v1.9.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:43.243109175Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:43.424530475Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:43.60224293Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:43.778936381Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:43.958718785Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:44.136922362Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.11", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:44.314772947Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.11-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:44.492468422Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.12", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:44.668748562Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.13", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:44.850734944Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.13-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:45.027755536Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:45.204091346Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:45.383049276Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.10.14-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:45.559458316Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:45.738768378Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.2-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:45.916065731Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:46.094390329Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:46.272520266Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.6-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:46.449900859Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.7", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:46.628506458Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:46.808262232Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.8-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:46.986620649Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:47.169008223Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:47.34947408Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.11.9-rc.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:47.532346856Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:47.713750876Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.0-rc.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:47.890216056Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:48.071524336Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:48.247018512Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:48.426142723Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:48.612408522Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.12.3-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:48.789885427Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.17", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:48.972402031Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.18", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.13.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:49.154028762Z", "products": [ { "@id": "pkg:golang/github.com/rancher/fleet@v0.9.5", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:49.330865324Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:49.507947376Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:49.686975867Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob@v0.9.24", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:49.863423857Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob@v0.9.25", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:50.039970737Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob@v0.9.26", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.11.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:50.219107368Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gitjob@v0.9.8", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:50.397311686Z", "products": [ { "@id": "pkg:golang/github.com/rancher/gke-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:50.577134389Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:50.754601043Z", "products": [ { "@id": "pkg:golang/github.com/rancher/helm-project-operator@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.0.0-20211104180415-d3ed0bb246c8" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:50.932102058Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:51.110059574Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:51.286782875Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:51.465095783Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.28.13-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.12.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:51.647790658Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241012053846-6cbbd2736730-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:51.833024364Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.10-0.20241016053521-9510ac25fefb-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:52.013277409Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.3-build20240515", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:52.192921902Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.29.8-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:52.374909384Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:52.554954299Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.13-rc1.0.20250516172343-e77f78ee9466-build20250613", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:52.733608178Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.4-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:52.914228415Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241012053748-29fd916cc958-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:53.094916052Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.30.6-0.20241016053533-5ec454f50e7a-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:53.276274812Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.0-build20240910", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.17.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:53.456793908Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241012053821-d74ad4253a54-build20241014", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:53.636828653Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.2-0.20241016053446-0955fa330f90-build20241016", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:53.817169269Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.31.9-rc1.0.20250516171836-812206503b28-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:53.99391435Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc2.0.20241220224140-68fbd1a6b543-build20241231", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:54.174449776Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.0-rc3.0.20241220224140-68fbd1a6b543-build20250101", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:54.352455723Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.32.5-rc1.0.20250516182639-8e8f2a4726fd-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:54.535456109Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.0-rc1.0.20250430074337-dc03cb4b3faa-build20250430", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:54.715302193Z", "products": [ { "@id": "pkg:golang/github.com/rancher/image-build-rke2-cloud-provider@v1.33.1-0.20250516163953-99d91538b132-build20250612", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:54.895024386Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:55.074355678Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:55.253986221Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:55.435777733Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.15.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:55.617299433Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.2", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:55.795087229Z", "products": [ { "@id": "pkg:golang/github.com/rancher/kube-api-auth@v0.2.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:55.971395788Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:56.144728866Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:56.324141088Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.28", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.8.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:56.50360846Z", "products": [ { "@id": "pkg:golang/github.com/rancher/local-path-provisioner@v0.0.30", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:56.683666755Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:56.86630072Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:57.048473923Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:57.22911951Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher112", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.10.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:57.410903431Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher118", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:57.589933762Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher124", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:57.769280294Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher125", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.22.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:57.957024869Z", "products": [ { "@id": "pkg:golang/github.com/rancher/machine@v0.15.0-rancher127", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:58.134845155Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:58.312117458Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:58.495327456Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:58.67295468Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v0.3.4", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.4.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:58.850099303Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v2.0.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:59.0306737Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v2.0.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:59.210937546Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v2.0.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:59.389449604Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v3.1.0-rc.3", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:59.567520861Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v3.2.0", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:59.749125221Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v3.2.0-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:35:59.928112622Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v3.2.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:00.107502124Z", "products": [ { "@id": "pkg:golang/github.com/rancher/prometheus-federator@v3.2.1-rc.1", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:00.290988352Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:00.470615835Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.21.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:00.651794934Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.23.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:00.833139124Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.24.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:01.014290273Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:01.194101687Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_in_execute_path", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:01.378412368Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.16.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:01.556925365Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.25.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_statement": "Govulncheck determined that the vulnerable code isn't called" }, { "vulnerability": { "name": "CVE-2025-22868", "aliases": [ "GO-2025-3488" ] }, "timestamp": "2025-07-16T13:36:01.732647901Z", "products": [ { "@id": "pkg:golang/github.com/rancher/rancher/pkg/apis", "subcomponents": [ { "@id": "pkg:golang/golang.org/x/oauth2@v0.26.0" } ] } ], "status": "not_affected", "justification": "vulnerable_code_not_present", "impact_sta