authorOskar <oskar@mullvad.net>2024-12-05 09:42:03 +0100
committerOskar <oskar@mullvad.net>2024-12-05 09:42:03 +0100
commit5b6974bbbd6ffacc43bfd5ffe44e7a1f97b3d9ed (patch)
tree7fa1fbb9aeae7ba05cd5851782ac5e5fb984a697
parent4f0203156658ed7989e0c1d4498d76045aa84360 (diff)
parenta703a2005b973445678d2b302584fb74b4a22da4 (diff)
Merge branch 'extend-vulnerability-ignores'
-rw-r--r--desktop/osv-scanner.toml10
1 files changed, 2 insertions, 8 deletions
diff --git a/desktop/osv-scanner.toml b/desktop/osv-scanner.toml
index 58839334cd..fc973f5e61 100644
--- a/desktop/osv-scanner.toml
+++ b/desktop/osv-scanner.toml
@@ -1,21 +1,15 @@
# See repository root `osv-scanner.toml` for instructions and rules for this file.
-# yargs-parser Vulnerable to Prototype Pollution
-[[IgnoredVulns]]
-id = "CVE-2020-7608" # GHSA-p9pc-299p-vxgp
-ignoreUntil = 2024-12-05
-reason = "This package is only used to parse commands run by either us or trusted libraries"
-
# PostCSS line return parsing error
[[IgnoredVulns]]
id = "CVE-2023-44270" # GHSA-7fh5-64p2-3v2j
-ignoreUntil = 2024-12-05
+ignoreUntil = 2025-03-05
reason = "This project does not use PostCSS to parse untrusted CSS"
# braces: Uncontrolled resource consumption
[[IgnoredVulns]]
id = "CVE-2024-4068" # GHSA-grv7-fg5c-xmjg
-ignoreUntil = 2024-12-05
+ignoreUntil = 2025-03-05
reason = "This package is only used to match paths from either us or trusted libraries"
# micromatch (dev): Regular Expression Denial of Service (ReDoS) in micromatch