summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
authorOliver <oliver@mohlin.dev>2024-12-05 09:27:01 +0100
committerOliver <oliver@mohlin.dev>2024-12-05 09:27:01 +0100
commitf871159a5706c4b142a694cc3f6832e031735c3f (patch)
tree10d5e3c5f8afc172fd5f6affbe544c7f0543c22c
parent4f0203156658ed7989e0c1d4498d76045aa84360 (diff)
downloadmullvadvpn-f871159a5706c4b142a694cc3f6832e031735c3f.tar.xz
mullvadvpn-f871159a5706c4b142a694cc3f6832e031735c3f.zip
Extend ignore for CVE-2023-44270 and CVE-2024-4068
-rw-r--r--desktop/osv-scanner.toml4
1 files changed, 2 insertions, 2 deletions
diff --git a/desktop/osv-scanner.toml b/desktop/osv-scanner.toml
index 58839334cd..11edd687ef 100644
--- a/desktop/osv-scanner.toml
+++ b/desktop/osv-scanner.toml
@@ -9,13 +9,13 @@ reason = "This package is only used to parse commands run by either us or truste
# PostCSS line return parsing error
[[IgnoredVulns]]
id = "CVE-2023-44270" # GHSA-7fh5-64p2-3v2j
-ignoreUntil = 2024-12-05
+ignoreUntil = 2025-03-05
reason = "This project does not use PostCSS to parse untrusted CSS"
# braces: Uncontrolled resource consumption
[[IgnoredVulns]]
id = "CVE-2024-4068" # GHSA-grv7-fg5c-xmjg
-ignoreUntil = 2024-12-05
+ignoreUntil = 2025-03-05
reason = "This package is only used to match paths from either us or trusted libraries"
# micromatch (dev): Regular Expression Denial of Service (ReDoS) in micromatch