authorDavid Lönnhager <david.l@mullvad.net>2025-06-13 15:16:49 +0200
committerDavid Lönnhager <david.l@mullvad.net>2025-06-13 15:30:12 +0200
commit0465c3410258476ca326d62c50e660d284506836 (patch)
treeeb3f9597284878861313a8dfeebfe60c79b73c3a
parentbdf53b6a574621ba84b124491074bf8f2eefdb6f (diff)
downloadmullvadvpn-0465c3410258476ca326d62c50e660d284506836.tar.xz
mullvadvpn-0465c3410258476ca326d62c50e660d284506836.zip
Ignore more irrelevant CVEs for wireguard-go
-rw-r--r--wireguard-go-rs/libwg/osv-scanner.toml18
1 files changed, 18 insertions, 0 deletions
diff --git a/wireguard-go-rs/libwg/osv-scanner.toml b/wireguard-go-rs/libwg/osv-scanner.toml
index 68eb7d7958..968f1c24d8 100644
--- a/wireguard-go-rs/libwg/osv-scanner.toml
+++ b/wireguard-go-rs/libwg/osv-scanner.toml
@@ -70,3 +70,21 @@ reason = "wireguard-go does not use net/http"
id = "CVE-2025-22872" # GO-2025-3595
ignoreUntil = 2025-09-12
reason = "wireguard-go does not use x/net/html"
+
+# Inconsistent handling of O_CREATE|O_EXCL on Unix and Windows in os in syscall
+[[IgnoredVulns]]
+id = "CVE-2025-0913" # GO-2025-3750
+ignoreUntil = 2025-09-12
+reason = "wireguard-go does not use OpenFile on Windows"
+
+# Sensitive headers not cleared on cross-origin redirect in net/http
+[[IgnoredVulns]]
+id = "CVE-2025-4673" # GO-2025-3751
+ignoreUntil = 2025-09-12
+reason = "wireguard-go does not use Proxy-Authorization or Proxy-Authenticate headers"
+
+# Usage of ExtKeyUsageAny disables policy validation in crypto/x509
+[[IgnoredVulns]]
+id = "CVE-2025-22874" # GO-2025-3749
+ignoreUntil = 2025-09-12
+reason = "wireguard-go does not use crypto/x509"
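Review bot: The `reason` on the CVE-2025-4673 entry ("does not use Proxy-Authorization or Proxy-Authenticate headers") is narrower than the one shown in the hunk header for what appears to be an earlier net/http entry, `reason = "wireguard-go does not use net/http"`, so the two suppressions rest on different claims about the same package. If the package-level claim holds, reusing `reason = "wireguard-go does not use net/http"` here would be easier to re-verify when `ignoreUntil` lapses; if it does not hold, the earlier entry's reason presumably needs revisiting. The CVE-2025-0913 entry has a similar weakness: its justification depends on a per-platform call pattern ("does not use OpenFile on Windows") rather than on a package not being imported. A short comment above that entry saying how the absence was checked, and whether the check covered dependencies as well as wireguard-go's own code, would help whoever renews the ignore.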