mirror of
https://github.com/fleetdm/fleet
synced 2026-04-28 08:57:30 +00:00
895194d63b
For #25902. --------- Co-authored-by: Sharon Katz <121527325+sharon-fdm@users.noreply.github.com>
26 lines
866 B
JSON
26 lines
866 B
JSON
{
|
|
"@context": "https://openvex.dev/ns/v0.2.0",
|
|
"@id": "https://openvex.dev/docs/public/vex-4ae6be0524ed5bb8eb3a53965dfe5622e11934c5fd45fbc45d4d647fdefed395",
|
|
"author": "@getvictor",
|
|
"timestamp": "2025-04-09T10:26:02.350331-03:00",
|
|
"version": 1,
|
|
"statements": [
|
|
{
|
|
"vulnerability": {
|
|
"name": "CVE-2023-32698"
|
|
},
|
|
"timestamp": "2025-04-09T10:26:02.350338-03:00",
|
|
"products": [
|
|
{
|
|
"@id": "fleetctl"
|
|
},
|
|
{
|
|
"@id": "pkg:golang/github.com/goreleaser/nfpm/v2"
|
|
}
|
|
],
|
|
"status": "not_affected",
|
|
"status_notes": "When packaging linux files, fleetctl does not use global permissions. It was verified that packed fleetd package files do not have group/global write permissions.",
|
|
"justification": "vulnerable_code_cannot_be_controlled_by_adversary"
|
|
}
|
|
]
|
|
}
|