Skip to content

Ignoring all unimportant vulnerabilities #1968

@jayvdb

Description

@jayvdb

I am recently seeing the following table with 13 entries

+-----------------------------------------+------+-----------+---------+-----------+--------------+
| OSV URL                                 | CVSS | ECOSYSTEM | PACKAGE | VERSION   | SOURCE       |
+-----------------------------------------+------+-----------+---------+-----------+--------------+
| Unimportant vulnerabilities             |      |           |         |           |              |
+-----------------------------------------+------+-----------+---------+-----------+--------------+
| https://osv.dev/UBUNTU-CVE-2018-1000886 | 5.5  | Ubuntu    | nasm    | 2.16.03-1 | sbom.cdx.xml |
..

I dont see any docs on how I can configure the scanner to ignore them all, except by adding an entry for each of them.

Metadata

Metadata

Assignees

Labels

No labels
No labels

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions