Skip to content

Commit 2d65c33

Browse files
dash14dash14
authored
Merge pull request #5 from dash14/security/add-trivyignore-for-non-impacting-cves
Add low-severity CVEs to .trivyignore
2 parents 37cb8db + 9bf25e6 commit 2d65c33

File tree

1 file changed

+8
-0
lines changed

1 file changed

+8
-0
lines changed

.trivyignore

Lines changed: 8 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -40,3 +40,11 @@ CVE-2026-24137
4040
# libexpat integer overflow in tag buffer reallocation.
4141
# No external XML processing path exists in this product.
4242
CVE-2026-25210
43+
44+
# CIRCL ecc/p384 CombinedMult incorrect value for specific inputs.
45+
# buildkitd does not use CombinedMult directly; ECDH/ECDSA are unaffected.
46+
CVE-2026-1229
47+
48+
# libexpat: XML_ExternalEntityParserCreate does not copy encoding handler user data.
49+
# No external XML entity processing path exists in this product.
50+
CVE-2026-24515

0 commit comments

Comments
 (0)