Skip to content

Commit

Permalink
CI: nancy ignore CVE-2024-8421
Browse files Browse the repository at this point in the history
  • Loading branch information
buddh0 committed Sep 9, 2024
1 parent e7e5d50 commit b28ad64
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions .nancy-ignore
Original file line number Diff line number Diff line change
@@ -1,2 +1,3 @@
CVE-2024-34478 # "CWE-754: Improper Check for Unusual or Exceptional Conditions." This vulnerability is BTC only, BSC does not have the issue.
CVE-2024-6104 # "CWE-532: Information Exposure Through Log Files" This is caused by the vulnerabilities [email protected], it is only used in cmd devp2p, impact is limited. will upgrade to v0.7.7 later
CVE-2024-8421 # "CWE-400: Uncontrolled Resource Consumption (Resource Exhaustion)" This vulnerability is caused by issues in the golang.org/x/net package. Even the latest version has not yet addressed it, but we will continue to monitor updates closely.

0 comments on commit b28ad64

Please sign in to comment.