Skip to content

Commit 41da8cb

Browse files
committed
remove unused grype ignores
1 parent 9dedc0c commit 41da8cb

1 file changed

Lines changed: 0 additions & 18 deletions

File tree

.grype.yaml

Lines changed: 0 additions & 18 deletions
Original file line numberDiff line numberDiff line change
@@ -149,13 +149,6 @@ ignore:
149149
package:
150150
location: /usr/sbin/ondemand-dex-session
151151

152-
153-
# CVE-2026-33186 (GO-2026-4762) gRPC-Go server auth bypass -- TMP disable to check ignores are working
154-
# FIXME: should upgrade grafana to Grafana 12.4.2
155-
- vulnerability: GHSA-p77j-4mvh-x3m3
156-
package:
157-
location: /usr/share/grafana/bin/grafana
158-
159152
# CVE-2024-45337 (GO-2024-3321) Misuse of ServerConfig.PublicKeyCallback -- not using ssh
160153
- vulnerability: GHSA-v778-237x-gjrc
161154
package:
@@ -447,17 +440,6 @@ ignore:
447440
- vulnerability: GO-2026-5026
448441
package:
449442
location: /usr/bin/ondemand_exporter
450-
# DEX: Negligible risk, unless used with IDNA URLs, which require an internationalised
451-
# domain name for the ondemand "servername" parameter. Leaving as fixme as should
452-
# patch when possible.
453-
# FIXME:
454-
- vulnerability: GO-2026-5026
455-
package:
456-
location: /usr/sbin/ondemand-dex
457-
# FIXME:
458-
- vulnerability: GO-2026-5026
459-
package:
460-
location: /usr/sbin/ondemand-dex-session
461443

462444
# CVE-2026-39833/GO-2026-5005: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent
463445
# Ignore: Not using ssh

0 commit comments

Comments
 (0)