| -rw-r--r-- | desktop/osv-scanner.toml | 10 |
1 files changed, 2 insertions, 8 deletions
diff --git a/desktop/osv-scanner.toml b/desktop/osv-scanner.toml
index 58839334cd..fc973f5e61 100644
--- a/desktop/osv-scanner.toml
+++ b/desktop/osv-scanner.toml
@@ -1,21 +1,15 @@
 # See repository root `osv-scanner.toml` for instructions and rules for this file.
 
-# yargs-parser Vulnerable to Prototype Pollution
-[[IgnoredVulns]]
-id = "CVE-2020-7608" # GHSA-p9pc-299p-vxgp
-ignoreUntil = 2024-12-05
-reason = "This package is only used to parse commands run by either us or trusted libraries"
-
 # PostCSS line return parsing error
 [[IgnoredVulns]]
 id = "CVE-2023-44270" # GHSA-7fh5-64p2-3v2j
-ignoreUntil = 2024-12-05
+ignoreUntil = 2025-03-05
 reason = "This project does not use PostCSS to parse untrusted CSS"
 
 # braces: Uncontrolled resource consumption
 [[IgnoredVulns]]
 id = "CVE-2024-4068" # GHSA-grv7-fg5c-xmjg
-ignoreUntil = 2024-12-05
+ignoreUntil = 2025-03-05
 reason = "This package is only used to match paths from either us or trusted libraries"
 
 # micromatch (dev): Regular Expression Denial of Service (ReDoS) in micromatch |
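Review bot: The two `ignoreUntil = 2025-03-05` lines (CVE-2023-44270 and CVE-2024-4068) extend the suppressions by three months without recording why they are still needed. The `reason` strings are unchanged, so nothing in the file shows that anyone re-checked for a patched release of the dependency or confirmed that the "trusted input only" assumption still holds. I would add a comment above each extended date, for example `# Extended <review date>: <what still blocks the upgrade>`, so that the next expiry triggers a real re-evaluation and not another date bump. The rules in the repository-root `osv-scanner.toml` are not visible here and may already require this.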
