From 4286a0221076ef82380c08fe6793a638cd4af651 Mon Sep 17 00:00:00 2001
From: "octo-sts[bot]" <157150467+octo-sts[bot]@users.noreply.github.com>
Date: Tue, 5 Nov 2024 12:52:36 +0000
Subject: [PATCH] Adding Advisory GHSA-29wx-vh33-7x7r for
 tekton-pipelines-entrypoint (#8930)

Co-authored-by: octo-sts[bot] <157150467+octo-sts@users.noreply.github.com>
---
 tekton-pipelines.advisories.yaml | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/tekton-pipelines.advisories.yaml b/tekton-pipelines.advisories.yaml
index 52a1fa639..2507ec8cc 100644
--- a/tekton-pipelines.advisories.yaml
+++ b/tekton-pipelines.advisories.yaml
@@ -216,6 +216,24 @@ advisories:
         data:
           fixed-version: 0.60.2-r1
 
+  - id: CGA-fqg5-wq7m-qmm3
+    aliases:
+      - CVE-2024-51744
+      - GHSA-29wx-vh33-7x7r
+    events:
+      - timestamp: 2024-11-05T12:39:17Z
+        type: detection
+        data:
+          type: scan/v1
+          data:
+            subpackageName: tekton-pipelines-entrypoint
+            componentID: f9f18a2ecfedbe82
+            componentName: github.com/golang-jwt/jwt/v4
+            componentVersion: v4.5.0
+            componentType: go-module
+            componentLocation: /usr/bin/tekton-pipelines-entrypoint
+            scanner: grype
+
   - id: CGA-fx7v-7f27-h9x2
     aliases:
       - CVE-2023-45288