diff options
| author | Linus Färnstrand <linus@mullvad.net> | 2024-08-23 13:30:22 +0200 |
|---|---|---|
| committer | Linus Färnstrand <linus@mullvad.net> | 2024-08-23 13:30:42 +0200 |
| commit | a1be93fce7d375cc4571ae6bfca63a6fac22defe (patch) | |
| tree | 0c8088851227cb8eb0c0d978b1638d7309ac2b08 /gui | |
| parent | 16f87399c6e79e14703a08ac249989a1d674cfb7 (diff) | |
| download | mullvadvpn-a1be93fce7d375cc4571ae6bfca63a6fac22defe.tar.xz mullvadvpn-a1be93fce7d375cc4571ae6bfca63a6fac22defe.zip | |
Ignore micromatch CVE-2024-4067
Diffstat (limited to 'gui')
| -rw-r--r-- | gui/osv-scanner.toml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/gui/osv-scanner.toml b/gui/osv-scanner.toml index 968158fa7c..0818533318 100644 --- a/gui/osv-scanner.toml +++ b/gui/osv-scanner.toml @@ -42,3 +42,9 @@ reason = "We don't utilize the signing features in browserify" id = "CVE-2024-42459" # GHSA-f7q4-pwc6-w24p ignoreUntil = 2024-10-15 reason = "We don't utilize the signing features in browserify" + +# micromatch (dev): Regular Expression Denial of Service (ReDoS) in micromatch +[[IgnoredVulns]] +id = "CVE-2024-4067" # GHSA-952p-6rrq-rcjv +ignoreUntil = 2024-11-23 +reason = "This is just a dev dependency, and we don't have untrusted input to micromatch there" |