diff options
| -rw-r--r-- | desktop/osv-scanner.toml | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/desktop/osv-scanner.toml b/desktop/osv-scanner.toml index e46d80f173..b78346cac8 100644 --- a/desktop/osv-scanner.toml +++ b/desktop/osv-scanner.toml @@ -23,3 +23,9 @@ reason = "This is just a dev dependency, and we don't have untrusted input to mi id = "CVE-2024-21528" # GHSA-g974-hxvm-x689 ignoreUntil = 2025-10-17 reason = "There is no fix yet and we don't send untrusted input to the first argument of addTranslations" + +# electron: Electron has ASAR Integrity Bypass via resource modification +[[IgnoredVulns]] +id = "CVE-2025-55305" # GHSA-vmqv-hx8q-j7mg +ignoreUntil = 2025-12-04 +reason = "The embeddedAsarIntegrityValidation and onlyLoadAppFromAsar fuses aren't enabled" |