File tree Expand file tree Collapse file tree
Expand file tree Collapse file tree Original file line number Diff line number Diff line change @@ -149,13 +149,6 @@ ignore:
149149 package :
150150 location : /usr/sbin/ondemand-dex-session
151151
152-
153- # CVE-2026-33186 (GO-2026-4762) gRPC-Go server auth bypass -- TMP disable to check ignores are working
154- # FIXME: should upgrade grafana to Grafana 12.4.2
155- - vulnerability : GHSA-p77j-4mvh-x3m3
156- package :
157- location : /usr/share/grafana/bin/grafana
158-
159152# CVE-2024-45337 (GO-2024-3321) Misuse of ServerConfig.PublicKeyCallback -- not using ssh
160153 - vulnerability : GHSA-v778-237x-gjrc
161154 package :
@@ -447,17 +440,6 @@ ignore:
447440 - vulnerability : GO-2026-5026
448441 package :
449442 location : /usr/bin/ondemand_exporter
450- # DEX: Negligible risk, unless used with IDNA URLs, which require an internationalised
451- # domain name for the ondemand "servername" parameter. Leaving as fixme as should
452- # patch when possible.
453- # FIXME:
454- - vulnerability : GO-2026-5026
455- package :
456- location : /usr/sbin/ondemand-dex
457- # FIXME:
458- - vulnerability : GO-2026-5026
459- package :
460- location : /usr/sbin/ondemand-dex-session
461443
462444# CVE-2026-39833/GO-2026-5005: Invoking key constraints not enforced in golang.org/x/crypto/ssh/agent
463445# Ignore: Not using ssh
You can’t perform that action at this time.
0 commit comments