diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2024-09-18 10:59:01 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2024-09-18 10:59:01 +0200 |
| commit | cdef6650f38dba21052f1c6e0d5e9e2ebadf0d97 (patch) | |
| tree | 027fd5e2f7da40faeb80c340b20285e59d885f8d | |
| parent | 54e06148e788f7fd196d0bb15c349aca768d48c7 (diff) | |
| parent | 56b53271fcb1885af51ddfc340a9a49bcea49680 (diff) | |
| download | mullvadvpn-cdef6650f38dba21052f1c6e0d5e9e2ebadf0d97.tar.xz mullvadvpn-cdef6650f38dba21052f1c6e0d5e9e2ebadf0d97.zip | |
Merge branch 'ignore-go-parser-cves'
| -rw-r--r-- | wireguard-go-rs/libwg/osv-scanner.toml | 18 |
1 files changed, 18 insertions, 0 deletions
diff --git a/wireguard-go-rs/libwg/osv-scanner.toml b/wireguard-go-rs/libwg/osv-scanner.toml new file mode 100644 index 0000000000..d72ebe8f4e --- /dev/null +++ b/wireguard-go-rs/libwg/osv-scanner.toml @@ -0,0 +1,18 @@ + +# Stack exhaustion in Decoder.Decode in encoding/gob +[[IgnoredVulns]] +id = "CVE-2024-34156" # GO-2024-3106 +ignoreUntil = 2024-12-18 +reason = "wireguard-go does not use the affected code" + +# Stack exhaustion in Parse in go/build/constraint +[[IgnoredVulns]] +id = "CVE-2024-34158" # GO-2024-3107 +ignoreUntil = 2024-12-18 +reason = "wireguard-go does not use the affected code" + +# Stack exhaustion in all Parse functions in go/parser +[[IgnoredVulns]] +id = "CVE-2024-34155" # GO-2024-3105 +ignoreUntil = 2024-12-18 +reason = "wireguard-go does not use the affected code" |