-
Notifications
You must be signed in to change notification settings - Fork 6
Expand file tree
/
Copy path.trivyignore
More file actions
25 lines (21 loc) · 923 Bytes
/
.trivyignore
File metadata and controls
25 lines (21 loc) · 923 Bytes
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
# List any vulnerability that are to be accepted
# See https://aquasecurity.github.io/trivy/v0.35/docs/vulnerability/examples/filter/
# for more details
# This is a false positive CVE
# See: UID2-5492
CVE-2022-37767
# This is a false positive CVE
# See: UID2-5493
CVE-2025-1686
# gnutls DoS vulnerability via crafted ClientHello - not impactful as gnutls is not used by our Java service
# See: UID2-6655
CVE-2026-1584 exp:2026-08-27
# gnutls DoS vulnerability via DTLS zero-length record - not impactful as gnutls is not used by our Java service
# See: UID2-7008
CVE-2026-33845 exp:2026-11-04
# gnutls DoS vulnerability via heap buffer overflow in DTLS handshake - not impactful as gnutls is not used by our Java service
# See: UID2-7012
CVE-2026-33846 exp:2026-11-05
# jackson-core async parser DoS - not exploitable, services only use synchronous ObjectMapper API
# See: UID2-6670
GHSA-72hv-8253-57qq exp:2026-09-01