summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
Diffstat
-rw-r--r--wireguard-go-rs/libwg/osv-scanner.toml7
1 files changed, 7 insertions, 0 deletions
diff --git a/wireguard-go-rs/libwg/osv-scanner.toml b/wireguard-go-rs/libwg/osv-scanner.toml
index b91ed33854..dfc9ede9bc 100644
--- a/wireguard-go-rs/libwg/osv-scanner.toml
+++ b/wireguard-go-rs/libwg/osv-scanner.toml
@@ -143,3 +143,10 @@ reason = "wireguard-go does not use encoding/asn1"
id = "CVE-2025-58186" # GO-2025-4012
ignoreUntil = 2026-10-30
reason = "wireguard-go does not use net/http"
+
+# Panic when validating certificates with DSA public keys (crypto/x509)
+# This affects programs which validate arbitrary certificate chains
+[[IgnoredVulns]]
+id = "CVE-2025-58188" # GO-2025-4013
+ignoreUntil = 2026-10-30
+reason = "'This affects programs which validate arbitrary certificate chains.' wireguard-go does not do that"
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.