Fix CVE

Ignore CVE on sqlalchemy-utils, angular-gettext-tools Remove CWE ignore ``` Title: [1059620] Inefficient Regular Expression Complexity in nth-check Severity: moderate CWE: ["CWE-1333"] Vulnerable versions: <2.0.1 Patched versions: >=2.0.1 Recommendation: Upgrade to version 2.0.1 or later Version: 1.0.2 Path: angular-gettext-tools > cheerio > css-select > nth-check More info: GHSA-rp65-9cf3-cjxr +==============================================================================+ | | | /$$$$$$ /$$ | | /$$__ $$ | $$ | | /$$$$$$$ /$$$$$$ | $$ \__//$$$$$$ /$$$$$$ /$$ /$$ | | /$$_____/ |____ $$| $$$$ /$$__ $$|_ $$_/ | $$ | $$ | | | $$$$$$ /$$$$$$$| $$_/ | $$$$$$$$ | $$ | $$ | $$ | | \____ $$ /$$__ $$| $$ | $$_____/ | $$ /$$| $$ | $$ | | /$$$$$$$/| $$$$$$$| $$ | $$$$$$$ | $$$$/| $$$$$$$ | | |_______/ \_______/|__/ \_______/ \___/ \____ $$ | | /$$ | $$ | | | $$$$$$/ | | by pyup.io \______/ | | | +==============================================================================+ | REPORT | | checked 136 packages, using free DB (updated once a month) | +============================+===========+==========================+==========+ | package | installed | affected | ID | +============================+===========+==========================+==========+ | sqlalchemy-utils | 0.38.2 | >=0.27.0 | 42194 | +==============================================================================+ | Sqlalchemy-utils from version 0.27.0 'EncryptedType' uses by default AES | | with CBC mode. The IV that it uses is not random though. | | kvesteri/sqlalchemy-utils#166 | +==============================================================================+ ```
camptocamp · Mar 11, 2022 · 4f5b7af · 4f5b7af
1 parent 202e81b
commit 4f5b7af
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 17 deletions.
diff --git a/ci/config.yaml b/ci/config.yaml
@@ -17,21 +17,7 @@ checks:
 
 audit:
   npm:
-    cwe_ignore:
-      - CWE-20 # Improper Input Validation
-      - CWE-22 # Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
-      - CWE-59 # Improper Link Resolution Before File Access ('Link Following')
-      - CWE-61 # UNIX Symbolic Link (Symlink) Following
-      - CWE-77 # Improper Neutralization of Special Elements used in a Command ('Command Injection')
-      - CWE-125 # Out-of-bounds Read
-      - CWE-295 # Improper Certificate Validation
-      - CWE-331 # Insufficient Entropy
-      - CWE-346 # Origin Validation Error
-      - CWE-400 # Uncontrolled Resource Consumption
-      - CWE-502 # Deserialization of Untrusted Data
-      - CWE-532 # Insertion of Sensitive Information into Log File
-      - CWE-915 # Improperly Controlled Modification of Dynamically-Determined Object Attributes
-      - CWE-918 # Server-Side Request Forgery (SSRF)
+    package_ignore: []
 
 publish:
   docker:

diff --git a/npm-cve-ignore b/npm-cve-ignore
@@ -1 +1 @@
-1004967
+1004967,1059620
diff --git a/pip-cve-ignore b/pip-cve-ignore
@@ -1 +1 @@
-38464
+38464,42194