Ignore inappplicable CVE

2026-06-06 09:15:57 +02:00 · 2026-06-06 06:12:03 +05:30
1 changed files with 1 additions and 0 deletions
--- a/.github/workflows/ci.py
+++ b/.github/workflows/ci.py
@@ -233,6 +233,7 @@ IGNORED_DEPENDENCY_CVES = [
    'CVE-2026-4519',
    'CVE-2026-1502',
    'CVE-2026-7210',  # DoS in unused XML parser
+    'CVE-2026-3276',  # DoS in unicodedata.normalize()
    # github.com/nwaples/rardecode/v2
    'CVE-2025-11579', # rardecode is version 2.2.1, not vulnerable
    'CVE-2026-2673',  # openssl fix not released