From 3590d995eb336c6cf92b82fbc7a841e6ee7645c0 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Wed, 26 Jun 2024 08:44:13 +0000
Subject: [PATCH] Adding Advisory GHSA-xfhp-jf8p-mh5w for trivy (#6094)

Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
 trivy.advisories.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/trivy.advisories.yaml b/trivy.advisories.yaml
index b8a70711a..134618bc9 100644
--- a/trivy.advisories.yaml
+++ b/trivy.advisories.yaml
@@ -92,6 +92,24 @@ advisories:
           type: vulnerability-record-analysis-contested
           note: 'This is not a vulnerability. Learn more about the response from Helm: https://helm.sh/blog/response-cve-2019-25210'
 
+  - id: CGA-7rq5-jph4-8hg2
+    aliases:
+      - CVE-2024-6257
+      - GHSA-xfhp-jf8p-mh5w
+    events:
+      - timestamp: 2024-06-26T08:42:10Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: trivy
+            componentID: 78372d81a8ec1ae0
+            componentName: github.com/hashicorp/go-getter
+            componentVersion: v1.7.4
+            componentType: go-module
+            componentLocation: /usr/bin/trivy
+            scanner: grype
+
   - id: CGA-9p49-67j6-3fwx
     aliases:
       - CVE-2024-26147