.trivyignore
# List any vulnerabilities that are to be accepted
# See https://aquasecurity.github.io/trivy/v0.35/docs/vulnerability/examples/filter/
# for more details
# UID2-6385
CVE-2025-66293 exp:2026-06-15
# UID2-6481
CVE-2025-68973 exp:2026-06-15
# gnutls DoS vulnerability via crafted ClientHello - not impactful as gnutls is not used by our Java service
# See: UID2-6655
CVE-2026-1584 exp:2026-08-27
# jackson-core async parser DoS - not exploitable, services only use synchronous ObjectMapper API
# See: UID2-6670
GHSA-72hv-8253-57qq exp:2026-09-01
# libpng heap buffer overflow in Alpine base image - fixed version not yet available in Alpine 3.23
# See: UID2-6677
CVE-2026-25646 exp:2026-09-02
# zlib contrib/untgz demo utility buffer overflow - not exploitable, Alpine does not ship the untgz binary
# and the core libz library used by the JRE is unaffected. The zlib maintainer disputes this CVE.
# See: UID2-6704
CVE-2026-22184 exp:2026-09-09