diff options
| author | Tobias Järvelöv <tobias.jarvelov@mullvad.net> | 2025-09-23 10:06:26 +0200 |
|---|---|---|
| committer | Tobias Järvelöv <tobias.jarvelov@mullvad.net> | 2025-09-23 10:44:36 +0200 |
| commit | 74b658182c6ee7d10f53affe1589bf0a4c0ee78a (patch) | |
| tree | e05dbf74d7b7ae9ed639a70e2c9b71414a16a22a /desktop | |
| parent | e8de26b5456432ef57d1316ea4cd321c84a0d2c3 (diff) | |
| download | mullvadvpn-74b658182c6ee7d10f53affe1589bf0a4c0ee78a.tar.xz mullvadvpn-74b658182c6ee7d10f53affe1589bf0a4c0ee78a.zip | |
Extend ignore of vite vulnerability
See the following commit for more info about the ignored
vulnerabilities: bc04272cbe1c2956ff31efcdccb313c1d69c5447
Diffstat (limited to 'desktop')
| -rw-r--r-- | desktop/osv-scanner.toml | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/desktop/osv-scanner.toml b/desktop/osv-scanner.toml index 72f6cc3e06..771ca110d4 100644 --- a/desktop/osv-scanner.toml +++ b/desktop/osv-scanner.toml @@ -33,11 +33,11 @@ reason = "The embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses aren # vite: The vulnerable code is only used in development and not in production and requires local system access to exploit. [[IgnoredVulns]] id = "CVE-2025-58751" # GHSA-g4jq-h2w9-997c -ignoreUntil = 2025-09-17 +ignoreUntil = 2025-09-30 reason = "Fixing requires upgrading vite to a new major version, which will take a few days." # vite: The vulnerable code is only used in development and not in production and requires local system access to exploit. [[IgnoredVulns]] id = "CVE-2025-58752" # GHSA-jqfw-vq24-v9c3 -ignoreUntil = 2025-09-17 +ignoreUntil = 2025-09-30 reason = "Fixing requires upgrading vite to a new major version, which will take a few days." |