Configure to ignore unrelated vulnerabilities

kanisterio · Jun 27, 2024 · 30f5029 · 30f5029
1 parent fe7d35a
commit 30f5029
Showing 1 changed file with 23 additions and 0 deletions.
diff --git a/.grype.yaml b/.grype.yaml
@@ -1,4 +1,27 @@
 ignore:
+  ## Libcurl memory leak in UBI8-minimal, not relevant for kanister images
   - vulnerability: CVE-2024-2398
     fix-state: not-fixed
+  ## Issue for GLib GD-bus services, not relevant for kanister images
+  - vulnerability: CVE-2024-34397
+    fix-state: not-fixed
+  ## memory leak in krb5
+  - vulnerability: CVE-2024-26462
+    fix-state: not-fixed
+  ## libarchive issue, not relevant for kanister images
+  - vulnerability: CVE-2023-30571
+    fix-state: wont-fix
+  ## libyaml issues, not relevant for kanister images
+  - vulnerability: CVE-2024-35325
+    fix-state: not-fixed
+  - vulnerability: CVE-2024-35329
+    fix-state: not-fixed
+  - vulnerability: CVE-2024-35328
+    fix-state: not-fixed
+  - vulnerability: CVE-2024-35326
+    fix-state: not-fixed
+  ## systemd recursion, not relevant for kanister images
+  - vulnerability: CVE-2021-3997
+    fix-state: not-fixed
+