From b1a7a83993d5b412a40688b1060ec3d1e10f3e3f Mon Sep 17 00:00:00 2001
From: EdwinKruglov <edwin.kruglov@digital.justice.gov.uk>
Date: Thu, 14 Nov 2024 11:50:43 +0000
Subject: [PATCH] [CRIMAPP-1476] Ignore Trivy vulns outside our control

---
 .trivyignore | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index 1e34592e2..7c4b377c9 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,5 +1,14 @@
 # CVEs that are outside of our control
 #
-CVE-2023-2253
-CVE-2023-28840
-CVE-2023-30551
+# Accept all risks until 2025-05-14 - may have been resolved by cloud platform
+GHSA-9763-4f94-gfch exp:2025-05-14
+CVE-2024-41110 exp:2025-05-14
+CVE-2023-49569 exp:2025-05-14
+CVE-2023-49568 exp:2025-05-14
+CVE-2024-3817 exp:2025-05-14
+CVE-2024-6257 exp:2025-05-14
+CVE-2024-23652 exp:2025-05-14
+CVE-2024-23653 exp:2025-05-14
+CVE-2024-23651 exp:2025-05-14
+CVE-2024-21626 exp:2025-05-14
+CVE-2024-26147 exp:2025-05-14