diff options
Diffstat (limited to 'ci')
| -rw-r--r-- | ci/ios/upload-vm/Gemfile.lock | 2 | ||||
| -rw-r--r-- | ci/ios/upload-vm/osv-scanner.toml | 8 |
2 files changed, 1 insertions, 9 deletions
diff --git a/ci/ios/upload-vm/Gemfile.lock b/ci/ios/upload-vm/Gemfile.lock index da9e7d9f5a..3217ce338b 100644 --- a/ci/ios/upload-vm/Gemfile.lock +++ b/ci/ios/upload-vm/Gemfile.lock @@ -171,7 +171,7 @@ GEM trailblazer-option (>= 0.1.1, < 0.2.0) uber (< 0.2.0) retriable (3.1.2) - rexml (3.3.5) + rexml (3.3.6) strscan rouge (2.0.7) ruby2_keywords (0.0.5) diff --git a/ci/ios/upload-vm/osv-scanner.toml b/ci/ios/upload-vm/osv-scanner.toml deleted file mode 100644 index 1a26a0cfe2..0000000000 --- a/ci/ios/upload-vm/osv-scanner.toml +++ /dev/null @@ -1,8 +0,0 @@ -# See repository root `osv-scanner.toml` for instructions and rules for this file. - -# rexml: The REXML gem before 3.3.6 has a DoS vulnerability when it parses an XML -# that has many deep elements that have same local name attributes. -[[IgnoredVulns]] -id = "CVE-2024-43398" # GHSA-952p-6rrq-rcjv -ignoreUntil = 2024-11-23 -reason = "rexml only parses trusted input (responses from Apple's APIs) in this code" |
