[GHSA-86rg-pf4c-5grg] add credit for CVE-2023-6944

[pfeifferj]

Inline with Open Source Vulnerability format and as supported in version 1.4.0 - adding credits field per original disclosure report and references provided in this CVE

[shelbyc]

Hi @pfeifferj, the only credit that I can add to an advisory that's not based on a repository advisory is analyst credit. We can't add the finder label to global advisories; only code owners publishing repo GitHub Security Advisories can add the finder label to their repo advisory, which is then reflected in the corresponding global advisory. Are you OK with having credit linked in the advisory alongside the analyst label?

[pfeifferj]

hi @shelbyc

I understand the situation. yes, I'm ok with having credit linked in the advisory alongside the analyst label. that would be appreciated!

just to confirm - you'll add the credit with the analyst label to the advisory? I didn't see such a label anywhere else in the repo

[advisory-database]

Hi @pfeifferj! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!

[shelbyc]

Hi @pfeifferj, you should be able to see a credit on the advisory with the Analyst label next to your GitHub handle. I also added https://www.cve.org/CVERecord?id=CVE-2023-6944 to the list of reference links so that people can find the original CVE record with your full name listed as reporter in the CVE credit section.