Skip to content
This repository has been archived by the owner on Jul 2, 2024. It is now read-only.

Commit

Permalink
fix: add CVE-2024-4068 to .trivyignore.yaml (#177)
Browse files Browse the repository at this point in the history
  • Loading branch information
@ruzickap
ruzickap committed Jun 16, 2024
1 parent f231cf4 commit 953b432
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 1 deletion.
1 change: 0 additions & 1 deletion .github/workflows/mega-linter.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -34,7 +34,6 @@ jobs:
# Extract: ```bash ... ```
sed -n "/^ \`\`\`\(bash\|shell\)$/,/^ \`\`\`$/p" "${FILE}" | sed '/^ ```*/d; s/^ //' >> README.sh
done
ls -la README.sh
chmod a+x README.sh
- name: πŸ’‘ MegaLinter
Expand Down
2 changes: 2 additions & 0 deletions .trivyignore.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,4 +1,6 @@
vulnerabilities:
# β”‚ braces β”‚ CVE-2024-4068 β”‚ HIGH β”‚ fixed β”‚ 2.3.2 β”‚ 3.0.3 β”‚ braces: fails to limit the number of characters it can β”‚
- id: CVE-2024-4068
# β”‚ glob-parent β”‚ CVE-2020-28469 β”‚ HIGH β”‚ fixed β”‚ 3.1.0 β”‚ 5.1.2 β”‚ Regular expression denial of service β”‚
- id: CVE-2020-28469
# β”‚ json5 β”‚ CVE-2022-46175 β”‚ HIGH β”‚ fixed β”‚ 0.5.1 β”‚ 2.2.2, 1.0.2 β”‚ json5: Prototype Pollution in JSON5 via Parse Method β”‚
Expand Down

0 comments on commit 953b432

Please sign in to comment.