Update grype.yaml ignore list

mocsharp · mocsharp · commit 18827295a355 · 2022-10-20T15:44:04.000-07:00
Signed-off-by: Victor Chang &lt;vicchang@nvidia.com&gt;
diff --git a/.grype.yaml b/.grype.yaml
@@ -12,11 +12,11 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-# ignore:
-#   - vulnerability: CVE-2022-37434 # medium https://ubuntu.com/security/CVE-2022-37434
-#   - vulnerability: CVE-2015-5237 # low https://ubuntu.com/security/CVE-2015-5237
-#   - vulnerability: CVE-2016-20013 # negligible https://ubuntu.com/security/CVE-2016-20013
-#   - vulnerability: CVE-2017-11164 # negligible https://ubuntu.com/security/CVE-2017-11164
-#   - vulnerability: CVE-2020-16156 # medium https://ubuntu.com/security/CVE-2020-16156
-#   - vulnerability: CVE-2022-29458 # negligible https://ubuntu.com/security/CVE-2022-29458
+ignore:
+  - vulnerability: CVE-2022-37434 # https://github.com/Project-MONAI/monai-deploy-workflow-manager/issues/514
+  - vulnerability: CVE-2015-5237 # https://github.com/Project-MONAI/monai-deploy-workflow-manager/issues/515
+  - vulnerability: CVE-2016-20013 # https://github.com/Project-MONAI/monai-deploy-workflow-manager/issues/516
+  - vulnerability: CVE-2017-11164 # https://github.com/Project-MONAI/monai-deploy-workflow-manager/issues/517
+  - vulnerability: CVE-2020-16156 # https://github.com/Project-MONAI/monai-deploy-workflow-manager/issues/518
+  - vulnerability: CVE-2022-29458 # https://github.com/Project-MONAI/monai-deploy-workflow-manager/issues/519
     
