-
Notifications
You must be signed in to change notification settings - Fork 0
/
.trivyignore
17 lines (17 loc) · 985 Bytes
/
.trivyignore
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
# Run after build docker image this command to check locally: trivy image eidas-eidas-connector:latest
CVE-2023-6378 # logback-classic fixed in 1.3.12, 1.4.12, 1.2.13
CVE-2022-22965 # spring-beans fixed in 5.3.18 (CRITICAL)
CVE-2022-22970 # spring-beans fixed in 5.3.20
CVE-2022-22968 # spring-context fixed in 5.3.19
CVE-2018-15756 # spring-core fixed in 5.1.1, 4.3.20
CVE-2023-20863 # spring-expression fixed in 5 and 6
CVE-2016-1000027 #spring-web fixed in 6.0.0 (CRITICAL)
CVE-2024-22243 #spring-web fixed in 6.1.4, 6.0.17, 5.3.32
CVE-2024-22259 #spring-web fixed in 6.1.5, 6.0.18, 5.3.33
CVE-2024-22262 #spring-web fixed in 5.3.34, 6.0.19, 6.1.6
CVE-2021-37136 # io.netty:netty-codec fixed in 4.1.68.FINAL
CVE-2021-37137 # io.netty:netty-codec fixed in 4.1.68.FINAL
CVE-2020-11612 # netty-handler fixed in 4.1.46
CVE-2022-42003 # jackson-databind fixed in 2.12.7.1, 2.13.4.2
CVE-2022-42004 # jackson-databind fixed in 2.12.7.1, 2.13.4
CVE-2024-47554 # commons-io fixed in 2.14.0