workaround for trivy scan

OWASP · Feb 17, 2024 · 6d11a5c · 6d11a5c
1 parent 573048f
commit 6d11a5c
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/.trivyignore b/.trivyignore
@@ -30,4 +30,9 @@ CVE-2022-25883
 # https://avd.aquasec.com/nvd/cve-2023-26136
 # tough-cookie prior to version 4.1.3 has prototype pollution in cookie memstore
 # not applicable to Threat Dragon as no cookies used
-CVE-2023-26136 
+CVE-2023-26136
+
+# https://avd.aquasec.com/nvd/2023/cve-2023-42282
+# NPM IP Package v.1.1.8 and before allows execute arbitrary code via isPublic
+# no patch available
+CVE-2023-42282