| author | David Göransson <david.goransson@mullvad.net> | 2026-03-30 09:18:38 +0200 |
|---|---|---|
| committer | David Göransson <david.goransson@mullvad.net> | 2026-03-30 09:19:58 +0200 |
| commit | 9282e66bc0ac4173bcc36ac80ba7591c8ed619f7 (patch) | |
| tree | 073807054e8ad6e56aebcf0998e476033e69fb0c | |
| parent | bbbab6fc0275c3070473fd7cf35660fb7569b9ba (diff) | |
Add ignores for new CVEsadd-new-cve-to-osv-scanner-ignore
Adds ignores for CVE-2026-33870 and CVE-2026-33871; neither is
applicable to our app, since we use netty for communication between
daemon and client over a protected UDS.
| -rw-r--r-- | android/gradle/osv-scanner.toml | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/android/gradle/osv-scanner.toml b/android/gradle/osv-scanner.toml
index dcf510c915..8935b0a4d7 100644
--- a/android/gradle/osv-scanner.toml
+++ b/android/gradle/osv-scanner.toml
@@ -101,6 +101,7 @@ reason = "Denial-of-Service condition is not relevant."
 [[IgnoredVulns]]
 id = "CVE-2026-33870" # GHSA-pwqr-wmgm-9rr8
 ignoreUntil = 2026-05-01
+<<<<<<< Updated upstream
 reason = "The app does not use netty for external http communication"
 
 # Netty HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass
@@ -108,3 +109,13 @@ reason = "The app does not use netty for external http communication"
 id = "CVE-2026-33871" # GHSA-w9fj-cfpg-grvv
 ignoreUntil = 2026-05-01
 reason = "The app does not use netty for external http communication"
+||||||| Stash base
+=======
+reason = "No impact since we use UDS for local communication only."
+
+# Netty: HTTP/2 CONTINUATION Frame Flood DoS via Zero-Byte Frame Bypass
+[[IgnoredVulns]]
+id = "CVE-2026-33871" # GHSA-w9fj-cfpg-grvv
+ignoreUntil = 2026-05-01
+reason = "Denial-of-Service condition is not relevant."
+>>>>>>> Stashed changes |
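Review bot: Every added line in both hunks is either an unresolved conflict marker (`<<<<<<< Updated upstream` in the first hunk; `||||||| Stash base`, `=======` and `>>>>>>> Stashed changes` in the second) or the stashed side of that conflict, so the new osv-scanner.toml is not valid TOML. The ignores for CVE-2026-33870 and CVE-2026-33871 are already present as context lines, and stripping only the markers would still leave two `reason` keys on the first entry and a second `[[IgnoredVulns]]` table for CVE-2026-33871. Resolve the conflict to one side, keeping a single line such as `reason = "No impact since we use UDS for local communication only."` per entry if the stashed wording is the one wanted. How the scanner job treats an unparsable config is not visible here, so it is worth confirming that CI fails on it rather than running with the ignore list dropped or the scan skipped.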
