mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-28 18:02:38 +02:00
Ignore CVE-2025-43859 / GHSA-vqfr-h8mv-ghfj
Ignore an h11 vulnerability that is present in the Dangerzone application released from the `v0.9.0` tag. This vulnerability reportedly affects web servers behind reverse proxies, which is not Dangerzone's case.
parent
847926f59a
commit
a127eef9db
1 changed files with 9 additions and 1 deletions
10
.grype.yaml
|
@ -45,4 +45,12 @@ ignore:
|
|||
# present in Debian Bookworm. Also, libcurl is an HTTP client, and the
|
||||
# Dangerzone container does not make any network calls.
|
||||
- vulnerability: CVE-2025-0665
|
||||
|
||||
# CVE-2025-43859
|
||||
# ==============
|
||||
#
|
||||
# GitHub advisory: https://github.com/advisories/GHSA-vqfr-h8mv-ghfj
|
||||
# Verdict: Dangerzone is not affected because the vulnerable code is triggered
|
||||
# when parsing HTTP requests, e.g., by web **servers**. Dangerzone on the
|
||||
# other hand performs HTTP requests, i.e., it operates as **client**.
|
||||
- vulnerability: CVE-2025-43859
|
||||
- vulnerability: GHSA-vqfr-h8mv-ghfj
|
||||
|
|
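Review bot: The two new entries at the end of the hunk, `- vulnerability: CVE-2025-43859` and `- vulnerability: GHSA-vqfr-h8mv-ghfj`, match on the ID alone, so they suppress the finding for every package Grype reports it against, not only the h11 copy the commit message refers to. Consider scoping each rule with Grype's `package:` / `name: h11` fields and naming h11 in the comment block, which currently gives the advisory link and the verdict but not the affected package. Because the verdict rests on Dangerzone acting only as an HTTP client, it would also help to state in the comment that the ignore should be dropped once h11 is upgraded, so the exception does not outlive its rationale.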