summaryrefslogtreecommitdiffhomepage
diff options
context:
space:
mode:
-rw-r--r--desktop/osv-scanner.toml2
1 files changed, 1 insertions, 1 deletions
diff --git a/desktop/osv-scanner.toml b/desktop/osv-scanner.toml
index b44ff638b6..2109a3ba66 100644
--- a/desktop/osv-scanner.toml
+++ b/desktop/osv-scanner.toml
@@ -21,7 +21,7 @@ reason = "This is just a dev dependency, and we don't have untrusted input to mi
# node-gettext: Prototype Pullution via the addTranslations function
[[IgnoredVulns]]
id = "CVE-2024-21528" # GHSA-g974-hxvm-x689
-ignoreUntil = 2025-10-17
+ignoreUntil = 2026-04-16 # The vulnerability is ignored for 6 months as the affected library is not receiving updates and we can not patch the vulnerability without migrating to another library, which is no minor feat.
reason = "There is no fix yet and we don't send untrusted input to the first argument of addTranslations"
# electron: Electron has ASAR Integrity Bypass via resource modification