Ignore inapplicable CVE

This commit is contained in:
Kovid Goyal
2026-07-03 08:58:07 +05:30
parent d86da26069
commit 3313e5a6be

View File

@@ -236,6 +236,7 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2026-7210', # DoS in unused XML parser
'CVE-2026-3276', # DoS in unicodedata.normalize()
'CVE-2026-7774', # tarfile.data_filter path traversal bypass
'CVE-2026-12003', # bug in release builds irrelevant to us
# github.com/nwaples/rardecode/v2
'CVE-2025-11579', # rardecode is version 2.2.1, not vulnerable
'CVE-2026-2673', # openssl fix not released