chore: ignore disputed CVE-2023-39017

miracum · Sep 8, 2023 · 6276b7f · 6276b7f
1 parent 0b4afc5
commit 6276b7f
Showing 1 changed file with 4 additions and 0 deletions.
diff --git a/.trivyignore b/.trivyignore
@@ -10,3 +10,7 @@ CVE-2023-34104
 # Image user should not be 'root'
 # this is only used by the cypress image
 AVD-DS-0002
+
+# this is disputed by multiple parties because it is not plausible that untrusted
+# user input would reach the code location where injection must occur.
+CVE-2023-39017