summaryrefslogtreecommitdiffhomepage
path: root/android/gradle/osv-scanner.toml
AgeCommit message (Collapse)AuthorFilesLines
2025-11-04Set ignore until for android to the correct yearJonatan Rhodin1-16/+16
2025-11-03Bump all osv-scanner ignores for android 3 monthsJonatan Rhodin1-16/+16
2025-09-17Ignore GHSA-2363-cqg2-863c as it is not relevantJonatan Rhodin1-0/+6
2025-09-05Push and align expiry datesDavid Göransson1-6/+6
2025-09-05Ignore CVE-2025-58056 on androidDavid Göransson1-0/+6
2025-09-04Ignore CVE-2025-58057 on androidJonatan Rhodin1-0/+6
2025-08-14Ignore CVE-2025-55163 as it only affects http2Jonatan Rhodin1-0/+6
2025-08-01Update android osv vulnsDavid Göransson1-24/+9
2025-06-13Bump netty related vulnsJonatan Rhodin1-3/+3
2025-05-02Push android vulnsAlbin1-11/+11
2025-05-02Order vulns according to osv-scanner outputAlbin1-21/+21
2025-03-12Suppress netty CVEsAlbin1-1/+13
2025-02-04Restore osv scanner vuln ignore that is still requiredJonatan Rhodin1-0/+9
2025-02-04Remove OWASP dependency check pluginAlbin1-7/+0
The OWASP DependencyCheck plugin has been replaced with `osv-scanner` which covers our use-case.
2025-02-03Bump dates of osv ignore vulnsJonatan Rhodin1-40/+11
2024-11-20Clarify osv-scanner ignoresJonatan Rhodin1-0/+14
2024-11-13Ignore CVE-2024-47535Albin1-0/+5
2024-10-31Push unresolved osv scanner ignores 3 monthsJonatan Rhodin1-15/+15
2024-10-31Remove no longer relevant osv scanner ignoresJonatan Rhodin1-15/+0
2024-10-04Suppress CVE-2024-47554Albin1-0/+5
2024-09-23Suppress CVE-2024-7254Jonatan Rhodin1-0/+5
2024-09-04Bump agp related vulnerabilities one monthJonatan Rhodin1-3/+3
2024-08-07Add GHSA-xpw8-rcwv-8f8p to osv scanner ignoreJonatan Rhodin1-0/+6
2024-08-06Bump dates for all osv scanner ignored vulns and added reasonsJonatan Rhodin1-36/+31
2024-07-09Ignore android vulnerabilities reported by osv-scannerAlbin1-0/+89
Temporarily ignoring all reported android vulnerabilites with a one month deadline for osv-scanner that we are adding to our suite of tools. The reason for this is that we plan to examine the vulnerabilites and bootstrap this file with proper ignore reasons (or address by bumping dependencies). Also worth mentioning that we're already using the OWASP Dependency-Check tool for the android code base as of before.
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.