forked from solo-io/gloo
-
Notifications
You must be signed in to change notification settings - Fork 0
/
.trivyignore
21 lines (19 loc) · 1.05 KB
/
.trivyignore
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
# emicklei/go-restful - Authorization Bypass Through User-Controlled Key
# This should be fixed in v2's 2.16.0, although talks were undergoing about why this still shows up as an issue.
# https://github.com/emicklei/go-restful/pull/503
CVE-2022-1996
# https://github.com/advisories/GHSA-h3qm-jrrf-cgj3
# This CVE is not exploitable in Gloo Edge, and a fix is not yet available in the library
# https://github.com/solo-io/solo-projects/issues/4016
CVE-2022-37315
# These CVEs only impacts install of Gloo-Edge from Glooctl CLI.
# Also Helm module is used in testing, which has no impact on exploitation.
# Gloo-Edge data and control planes are not impacted at all by the helm module.
# Glooctl is not a long running program, and does not affect future uses of Glooctl.
# https://github.com/solo-io/gloo/issues/7598
# https://github.com/helm/helm/security/advisories/GHSA-6rx9-889q-vv2r
CVE-2022-23524
# https://github.com/helm/helm/security/advisories/GHSA-53c4-hhmh-vw5q
CVE-2022-23525
# https://github.com/helm/helm/security/advisories/GHSA-67fx-wx78-jx33
CVE-2022-23526