mirror of
https://github.com/mastodon/mastodon.git
synced 2024-11-20 03:25:17 +01:00
Ignore CVE-2024-8796, which does not impact us
This commit is contained in:
parent
346c37df80
commit
d2842db18d
@ -4,3 +4,7 @@ ignore:
|
||||
# We have rate-limits on authentication endpoints in place (including second
|
||||
# factor verification) since Mastodon v3.2.0
|
||||
- CVE-2024-0227
|
||||
# devise-two-factor advisory about generated secrets being weaker than expected
|
||||
# We call `generate_otp_secret` ourselves with a requested length of 32 characters,
|
||||
# which exceeds the recommended remediation of 26 characters, so we're safe
|
||||
- CVE-2024-8796
|
||||
|
Loading…
Reference in New Issue
Block a user