diff options
| author | Markus Pettersson <markus.pettersson@mullvad.net> | 2025-01-28 10:01:06 +0100 |
|---|---|---|
| committer | Markus Pettersson <markus.pettersson@mullvad.net> | 2025-01-28 10:01:06 +0100 |
| commit | cc0d0981d3f70830afcac2643ea5017f6ba78831 (patch) | |
| tree | 3be9cee18a1c215e6eefd90b7b7e10c19ef1d7a4 | |
| parent | 3024a15c2177126dc0c96ca705ad3492ea84f18b (diff) | |
| download | mullvadvpn-cc0d0981d3f70830afcac2643ea5017f6ba78831.tar.xz mullvadvpn-cc0d0981d3f70830afcac2643ea5017f6ba78831.zip | |
Silence `CVE-2024-45336` & `CVE-2024-45341` in osv-scanner
| -rw-r--r-- | wireguard-go-rs/libwg/osv-scanner.toml | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/wireguard-go-rs/libwg/osv-scanner.toml b/wireguard-go-rs/libwg/osv-scanner.toml index 28fcf5b78c..c6fd4f3e2e 100644 --- a/wireguard-go-rs/libwg/osv-scanner.toml +++ b/wireguard-go-rs/libwg/osv-scanner.toml @@ -28,3 +28,15 @@ reason = "wireguard-go does not use the affected code" id = "GHSA-w32m-9786-jp63" # GO-2024-3333 ignoreUntil = 2025-03-19 reason = "wireguard-go does not use the affected code" + +# Sensitive headers incorrectly sent after cross-domain redirect in net/http +[[IgnoredVulns]] +id = "CVE-2024-45336" # GO-2025-3420 +ignoreUntil = 2025-04-28 +reason = "wireguard-go does not use the affected code" + +# Usage of IPv6 zone IDs can bypass URI name constraints in crypto/x509 +[[IgnoredVulns]] +id = "CVE-2024-45341" # GO-2025-3373 +ignoreUntil = 2025-04-28 +reason = "wireguard-go does not use the affected code" |