Ignore inapplicable CVE

This commit is contained in:
Kovid Goyal
2026-07-12 09:58:05 +05:30
parent 95ded6817b
commit f935258394

View File

@@ -237,6 +237,7 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2026-3276', # DoS in unicodedata.normalize()
'CVE-2026-7774', # tarfile.data_filter path traversal bypass
'CVE-2026-12003', # bug in release builds irrelevant to us
'CVE-2026-15308', # bug in stdlib html parser irrelevant to us
# github.com/nwaples/rardecode/v2
'CVE-2025-11579', # rardecode is version 2.2.1, not vulnerable
'CVE-2026-2673', # openssl fix not released