summaryrefslogtreecommitdiffhomepage
path: root/desktop/osv-scanner.toml
AgeCommit message (Collapse)AuthorFilesLines
2025-10-22Extend ignore of node-gettext vulnerabilityTobias Järvelöv1-1/+1
No fix exists and we do not send untrusted input to the affected addTranslations method. The vulnerability is ignored for 6 months as the affected library is not receiving updates and we can not patch the vulnerability without migrating to another library, which is no minor feat.
2025-09-24Remove ignore of patched vulnerabilitiesTobias Järvelöv1-11/+0
The vulnerabilities have been patched by updating vite to 7.1.7
2025-09-23Extend ignore of vite vulnerabilityTobias Järvelöv1-2/+2
See the following commit for more info about the ignored vulnerabilities: bc04272cbe1c2956ff31efcdccb313c1d69c5447
2025-09-11Ignore vite vulnerability for a weekTobias Järvelöv1-0/+12
The vulnerable code is only used in development and not in production and requires local system access to exploit. Fixing requires upgrading vite to a new major version, which will take a few days.
2025-09-05Ignore CVE-2025-55305Oskar1-0/+6
2025-07-18Bump ignore date for node-gettext vulnDavid Lönnhager1-1/+1
2025-04-17Extend ignore for CVE-2024-21528Tobias Järvelöv1-1/+1
2025-03-13Extend ignores for CVEsOliver1-3/+3
2025-01-17Extend ignore for CVE-2024-21528Oliver1-1/+1
2024-12-05Remove ignore for CVE-2020-7608Oliver1-6/+0
2024-12-05Extend ignore for CVE-2023-44270 and CVE-2024-4068Oliver1-2/+2
2024-11-26Extend ignore for CVE-2024-4067Oliver1-1/+1
2024-11-19Remove elliptic from osv-scanner ignore listOskar1-6/+0
2024-11-14Create workspace package.json and move osv-scanner.tomlOskar1-0/+37
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.