Ignore inapplicable CVE in python stdlib

2026-06-08 14:18:26 +02:00 · 2026-01-16 19:13:16 +05:30
parent 0d0ee5474d
commit e342f5ffab
1 changed files with 2 additions and 1 deletions
--- a/.github/workflows/ci.py
+++ b/.github/workflows/ci.py
@@ -212,6 +212,7 @@ IGNORED_DEPENDENCY_CVES = [
    'CVE-2025-6069', # DoS in HTMLParser
    'CVE-2025-13836', # DoS in http client reading from malicious server
    'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty
+    'CVE-2025-13837', # DoS in plistlib reading plist. We only use plistlib for writing
    # glib
    'CVE-2025-4056', # Only affects Windows, on which we dont run
    # github.com/nwaples/rardecode/v2