mirror of
https://github.com/kovidgoyal/kitty.git
synced 2026-05-13 08:26:56 +00:00
Ignore CVE-2025-13836
We dont care about this DoS enough, so ignore until a new version of python 3.12 s released with the fix. Not updating past Python 3.12 for this DoS.
This commit is contained in:
Kovid Goyal
parent
3352dba735
commit
d87ba95d9c
1 changed files with 1 additions and 0 deletions
1
.github/workflows/ci.py
vendored
1
.github/workflows/ci.py
vendored
|
|
@ -220,6 +220,7 @@ IGNORED_DEPENDENCY_CVES = [
|
|||
# Python stdlib
|
||||
'CVE-2025-8194', # DoS in tarfile
|
||||
'CVE-2025-6069', # DoS in HTMLParser
|
||||
'CVE-2025-13836', # DoS in http client reading from malicious server
|
||||
# glib
|
||||
'CVE-2025-4056', # Only affects Windows, on which we dont run
|
||||
# github.com/nwaples/rardecode/v2
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue