tcjlj/nginx-proxy-manager-zh
1
0
Fork 0
mirror of https://github.com/xiaoxinpro/nginx-proxy-manager-zh.git synced 2025-01-23 05:18:12 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

ignore nancy warning

Browse Source
This commit is contained in:
Jamie Curnow 2023-02-24 21:16:17 +10:00
parent 83e432793b
commit 0eeed1695c
No known key found for this signature in database
GPG Key ID: FFBB624C43388E9E
1 changed files with 4 additions and 14 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
backend/.nancy-ignore
View File

@ -1,41 +1,31 @@
# If you need to ignore any of nancy's warnings add them
# here with a reference to the package/version that
# triggers them and rational for ignoring it.
# pkg:golang/github.com/coreos/etcd@3.3.10
# etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation
CVE-2020-15115
# pkg:golang/github.com/coreos/etcd@3.3.10
# In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records
CVE-2020-15136
# pkg:golang/github.com/coreos/etcd@3.3.10
# In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access
CVE-2020-15114
# pkg:golang/github.com/gorilla/websocket@1.4.0
# Integer Overflow or Wraparound
CWE-190
# jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrict...
CVE-2020-26160
# https://ossindex.sonatype.org/vulnerability/sonatype-2021-1485
sonatype-2021-1485
# CWE-770: Allocation of Resources Without Limits or Throttling
CVE-2022-41717
CVE-2022-41723
# CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')
CVE-2022-41723