mirror of
https://github.com/freedomofpress/dangerzone.git
synced 2025-04-28 09:52:37 +02:00
fb7c2088e2
Ignore the CVE-2024-11053 vulnerability, since it's a libcurl one, and the Dangerzone container does not make network calls. Also, clear the previous vulnerabilities, now that we have a new image out.
11 lines
425 B
YAML
11 lines
425 B
YAML
# This configuration file will be used to track CVEs that we can ignore for the
|
|
# latest release of Dangerzone, and offer our analysis.
|
|
|
|
ignore:
|
|
# CVE-2024-11053
|
|
# ==============
|
|
#
|
|
# NVD Entry: https://nvd.nist.gov/vuln/detail/CVE-2024-11053
|
|
# Verdict: Dangerzone is not affected because libcurl is an HTTP client, and
|
|
# the Dangerzone container does not make any network calls.
|
|
- vulnerability: CVE-2024-11053
|