[ci] update .trivyignore

eclipse-leshan · Oct 25, 2024 · d43b8e6 · d43b8e6
1 parent 0735507
commit d43b8e6
Showing 1 changed file with 20 additions and 1 deletion.
diff --git a/.trivyignore b/.trivyignore
@@ -1,3 +1,22 @@
+# =========================
+# About Servers Demos
+# =========================
+
+# Backend
+# ------------
 # No affected by this vulnerability as we don't use HttpUri component directly
 # See : https://github.com/jetty/jetty.project/pull/12012#issuecomment-2427097199
-CVE-2024-6763
+# Could be remove after : https://github.com/eclipse-leshan/leshan/issues/1662
+CVE-2024-6763
+
+# Frontend
+# ------------
+# No affected by this vulnerability : we don't use parseHTML and close tag correctly. 
+# See : https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-9506
+# could be remove after : 
+#CVE-2024-9506
+
+# =========================
+# About Leshan Libraries
+# =========================
+# Nothing for now.