mirrors/kitty
1
0
Fork 0
mirror of https://github.com/kovidgoyal/kitty synced 2026-06-08 14:18:26 +02:00
Code Issues Packages Projects Releases Wiki Activity

Ignore irrelevant CVE

Browse Source
This commit is contained in:
Kovid Goyal
2026-02-05 23:01:58 +05:30
parent b66f8e9ed8
commit 0afe77ebc9
1 changed files with 1 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
.github/workflows/ci.py vendored
View File

@@ -213,6 +213,7 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2025-13836', # DoS in http client reading from malicious server 'CVE-2025-13836', # DoS in http client reading from malicious server
'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty 'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty
'CVE-2025-13837', # DoS in plistlib reading plist. We only use plistlib for writing 'CVE-2025-13837', # DoS in plistlib reading plist. We only use plistlib for writing
'CVE-2025-6075', # Quadratic complexity in os.path.expandvars()
# python stdlib all these are erroneously marked as fixed in python 3.15 # python stdlib all these are erroneously marked as fixed in python 3.15
# when it hasnt even been released. Sigh. # when it hasnt even been released. Sigh.
'CVE-2026-1299', 'CVE-2026-1299',