From 1d980eb5827e70e2d1ffffb04ff0d76dfab9de52 Mon Sep 17 00:00:00 2001
From: Bug Magnet <marco.nikic@mullvad.net>
Date: Wed, 30 Oct 2024 09:57:00 +0100
Subject: [PATCH] Fix CVE-2024-49761 by ignoring it

---
 ci/ios/upload-vm/osv-scanner.toml | 5 +++++
 ios/osv-scanner.toml              | 5 +++++
 2 files changed, 10 insertions(+)
 create mode 100644 ci/ios/upload-vm/osv-scanner.toml
 create mode 100644 ios/osv-scanner.toml

diff --git a/ci/ios/upload-vm/osv-scanner.toml b/ci/ios/upload-vm/osv-scanner.toml
new file mode 100644
index 000000000000..92c09a313b30
--- /dev/null
+++ b/ci/ios/upload-vm/osv-scanner.toml
@@ -0,0 +1,5 @@
+# REXML ReDoS vulnerability
+[[IgnoredVulns]]
+id = "CVE-2024-49761"
+ignoreUntil = 2024-04-01
+reason = "The XML payload is generated by Apple tooling"
\ No newline at end of file
diff --git a/ios/osv-scanner.toml b/ios/osv-scanner.toml
new file mode 100644
index 000000000000..92c09a313b30
--- /dev/null
+++ b/ios/osv-scanner.toml
@@ -0,0 +1,5 @@
+# REXML ReDoS vulnerability
+[[IgnoredVulns]]
+id = "CVE-2024-49761"
+ignoreUntil = 2024-04-01
+reason = "The XML payload is generated by Apple tooling"
\ No newline at end of file