Adapt allowedlist for vulnerabilities which won't affect us.

qaware · Apr 11, 2023 · 1099d95 · 1099d95
1 parent f2c811d
commit 1099d95
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/.github/containerscan/allowedlist.yaml b/.github/containerscan/allowedlist.yaml
@@ -2,6 +2,9 @@ general:
   vulnerabilities:
     - CVE-2021-3999
     - CVE-2022-2097 # only affects 32-bit x86 platforms. We don't offer this architecture in docker however.
+    - CVE-2023-0464 # only affects us, if user explicitly passes "-policy" to curl. We simply accept that case.
+    - CVE-2023-0465 # same as above (CVE-2023-0464)
+    - CVE-2023-0466 # only applies when X509_V_FLAG_POLICY_CHECK is set as a flag. curl cannot be invoked in protocurl this way.
   bestPracticeViolations:
     - DKL-LI-0001
     - CIS-DI-0005