data/reports: add skip_fix to GO-2022-1180.yaml

Aliases: CVE-2022-47633, GHSA-m3cq-xcx9-3gvm Updates #1180 Change-Id: Ie879d730d352a9329bc7adf36180445bd94846d3 Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/466078 Run-TryBot: Tatiana Bradley <[email protected]> Reviewed-by: Tim King <[email protected]> TryBot-Result: Gopher Robot <[email protected]> Auto-Submit: Tatiana Bradley <[email protected]>
golang · Feb 7, 2023 · e7e5ce5 · e7e5ce5
1 parent 5de5ceb
commit e7e5ce5
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/data/reports/GO-2022-1180.yaml b/data/reports/GO-2022-1180.yaml
@@ -3,7 +3,7 @@ modules:
     versions:
       - introduced: 1.8.3
         fixed: 1.8.5
-    vulnerable_at: 1.8.4
+    vulnerable_at: 1.8.5-0.20221217180442-ef63302dc479
     packages:
       - package: github.com/kyverno/kyverno/pkg/engine
         symbols:
@@ -12,6 +12,7 @@ modules:
           - imageVerifier.verifyAttestors
           - imageVerifier.verifyAttestorSet
           - imageVerifier.verifyImage
+        skip_fix: 'TODO: revisit this reason (undefined: gojmespath.NotFoundError)'
 description: |
     `verifyImages` rules can be bypassed by a malicious proxy/registry.
 cves: