Extend ignore of vite vulnerability

See the following commit for more info about the ignored vulnerabilities: bc04272cbe1c2956ff31efcdccb313c1d69c5447
author: Tobias Järvelöv <tobias.jarvelov@mullvad.net> 2025-09-23 10:06:26 +0200
committer: Tobias Järvelöv <tobias.jarvelov@mullvad.net> 2025-09-23 10:44:36 +0200
commit: 74b658182c6ee7d10f53affe1589bf0a4c0ee78a (patch)
tree: e05dbf74d7b7ae9ed639a70e2c9b71414a16a22a
parent: e8de26b5456432ef57d1316ea4cd321c84a0d2c3 (diff)
download: mullvadvpn-74b658182c6ee7d10f53affe1589bf0a4c0ee78a.tar.xz
mullvadvpn-74b658182c6ee7d10f53affe1589bf0a4c0ee78a.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/desktop/osv-scanner.toml b/desktop/osv-scanner.toml
index 72f6cc3e06..771ca110d4 100644
--- a/desktop/osv-scanner.toml
+++ b/desktop/osv-scanner.toml
@@ -33,11 +33,11 @@ reason = "The embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses aren
 # vite: The vulnerable code is only used in development and not in production and requires local system access to exploit.
 [[IgnoredVulns]]
 id = "CVE-2025-58751" # GHSA-g4jq-h2w9-997c
-ignoreUntil = 2025-09-17
+ignoreUntil = 2025-09-30
 reason = "Fixing requires upgrading vite to a new major version, which will take a few days."
 
 # vite: The vulnerable code is only used in development and not in production and requires local system access to exploit.
 [[IgnoredVulns]]
 id = "CVE-2025-58752" # GHSA-jqfw-vq24-v9c3
-ignoreUntil = 2025-09-17
+ignoreUntil = 2025-09-30
 reason = "Fixing requires upgrading vite to a new major version, which will take a few days."
author	Tobias Järvelöv <tobias.jarvelov@mullvad.net>	2025-09-23 10:06:26 +0200
committer	Tobias Järvelöv <tobias.jarvelov@mullvad.net>	2025-09-23 10:44:36 +0200
commit	74b658182c6ee7d10f53affe1589bf0a4c0ee78a (patch)
tree	e05dbf74d7b7ae9ed639a70e2c9b71414a16a22a
parent	e8de26b5456432ef57d1316ea4cd321c84a0d2c3 (diff)
download	mullvadvpn-74b658182c6ee7d10f53affe1589bf0a4c0ee78a.tar.xz mullvadvpn-74b658182c6ee7d10f53affe1589bf0a4c0ee78a.zip