CERBERUS/kitty
1
0
Fork 0
mirror of https://github.com/kovidgoyal/kitty.git synced 2026-05-13 16:37:27 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions 3

Ignore inapplicable CVE in python stdlib

Browse source
This commit is contained in:
Kovid Goyal 2026-01-16 19:13:16 +05:30
parent 0d0ee5474d
commit e342f5ffab
No known key found for this signature in database
GPG key ID: 06BC317B515ACE7C
1 changed files with 2 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

3
.github/workflows/ci.py vendored
View file

@ -211,7 +211,8 @@ IGNORED_DEPENDENCY_CVES = [
'CVE-2025-8194', # DoS in tarfile
'CVE-2025-6069', # DoS in HTMLParser
'CVE-2025-13836', # DoS in http client reading from malicious server
'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty
'CVE-2025-12084', # DoS in xml.dom.minidom unused in kitty
'CVE-2025-13837', # DoS in plistlib reading plist. We only use plistlib for writing
# glib
'CVE-2025-4056', # Only affects Windows, on which we dont run
# github.com/nwaples/rardecode/v2