blob: 3401445f5afc9022efcfb5ad06586a86501911b0 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
|
# See repository root `osv-scanner.toml` for instructions and rules for this file.
# PostCSS line return parsing error
[[IgnoredVulns]]
id = "CVE-2023-44270" # GHSA-7fh5-64p2-3v2j
ignoreUntil = 2025-03-05
reason = "This project does not use PostCSS to parse untrusted CSS"
# braces: Uncontrolled resource consumption
[[IgnoredVulns]]
id = "CVE-2024-4068" # GHSA-grv7-fg5c-xmjg
ignoreUntil = 2025-03-05
reason = "This package is only used to match paths from either us or trusted libraries"
# micromatch (dev): Regular Expression Denial of Service (ReDoS) in micromatch
[[IgnoredVulns]]
id = "CVE-2024-4067" # GHSA-952p-6rrq-rcjv
ignoreUntil = 2025-02-23
reason = "This is just a dev dependency, and we don't have untrusted input to micromatch there"
# node-gettext: Prototype Pullution via the addTranslations function
[[IgnoredVulns]]
id = "CVE-2024-21528" # GHSA-g974-hxvm-x689
ignoreUntil = 2025-04-17
reason = "There is no fix yet and we don't send untrusted input to the first argument of addTranslations"
|
