Skip to content

Commit 3722759

Browse files
grom72grom72
authored
DAOS-18603 cq: suppress CVE-2025-33042 (#17581)
Suppress avro:1.11.4 vulnerability inherited from hadoop as there is no new version of hadoop Signed-off-by: Tomasz Gromadzki <[email protected]>
1 parent ccc1cd2 commit 3722759

File tree

1 file changed

+3
-0
lines changed

1 file changed

+3
-0
lines changed

utils/trivy/.trivyignore

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -10,3 +10,6 @@ CVE-2025-48924
1010

1111
## CVE-2025-58057,MEDIUM,7.5,"netty-codec: netty-codec-compression: Netty's BrotliDecoder is vulnerable to DoS via zip bomb style attack","io.netty:netty-codec","4.1.100.Final","4.1.125.Final",https://avd.aquasec.com/nvd/cve-2025-58057
1212
CVE-2025-58057
13+
14+
## CVE-2025-33042,MEDIUM,,"org.apache.avro/avro: Apache Avro Java SDK: Code injection on Java generated code","org.apache.avro:avro","1.11.4","1.12.1, 1.11.5",https://avd.aquasec.com/nvd/cve-2025-33042
15+
CVE-2025-33042

0 commit comments

Comments
 (0)