Merge pull request #87 from conjurinc/update-trivyignore

Add .trivyignore entry for CVE-2017-14033
conjurinc · Jul 27, 2023 · 9855daf · 9855daf
2 parents ee43a47 + 4a639c0
commit 9855daf
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,5 @@
+# Scanners have started flagging CVE-2017-14033 because they are matching 
+# the version of Ruby that shipped the vulnerable openssl gem with the 
+# version of openssl itself. We use Ruby 3 in our base images, so already
+# have the fix for this issue.
+CVE-2017-14033