add trivy exception

Signed-off-by: Tim Ramlot <42113979+inteon@users.noreply.github.com>
cert-manager · Feb 22, 2024 · 380f662 · 380f662
1 parent fbd5bf7
commit 380f662
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/.trivyignore b/.trivyignore
@@ -5,3 +5,8 @@ CVE-2020-8911
 CVE-2020-8912
 GHSA-7f33-f4f5-xwgw
 GHSA-f5pg-7wfw-84q9
+
+# This Helm vulerability is does not create a security risk for the cmctl binary.
+# Since the cmctl x install command uses the trusted cert-manager Helm chart, and
+# this vulnerability requires a malicious chart to be used.
+CVE-2024-25620