Ignore micromatch CVE-2024-4067

mullvad · Aug 23, 2024 · a1be93f · a1be93f
1 parent 16f8739
commit a1be93f
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/gui/osv-scanner.toml b/gui/osv-scanner.toml
@@ -42,3 +42,9 @@ reason = "We don't utilize the signing features in browserify"
 id = "CVE-2024-42459" # GHSA-f7q4-pwc6-w24p
 ignoreUntil = 2024-10-15
 reason = "We don't utilize the signing features in browserify"
+
+# micromatch (dev): Regular Expression Denial of Service (ReDoS) in micromatch
+[[IgnoredVulns]]
+id = "CVE-2024-4067" # GHSA-952p-6rrq-rcjv
+ignoreUntil = 2024-11-23
+reason = "This is just a dev dependency, and we don't have untrusted input to micromatch there"