Suppressing non-impactful vulnerability warning from CVE (#5995)

mikemountain · web-flow · commit 91a143b67aa6 · 2025-08-21T14:55:28.000-04:00
* Suppressing non-impactful vulnerability warning from CVE
diff --git a/.release/security-scan.hcl b/.release/security-scan.hcl
@@ -14,7 +14,7 @@ container {
 				# busybox@1.37.0-r12 https://nvd.nist.gov/vuln/detail/CVE-2025-46394
 				#
 				# Boundary does not shell out to the busybox tar program.
-				"CVE-2025-46394", 
+				"CVE-2025-46394",
 
 				# busybox@1.37.0-r12 https://nvd.nist.gov/vuln/detail/CVE-2024-58251
 				#
@@ -29,7 +29,12 @@ container {
 				# iputils@20240905-r0 https://nvd.nist.gov/vuln/detail/CVE-2025-47268
 				#
 				# Boundary does not utilize ping in iputils.
-				"CVE-2025-47268"
+				"CVE-2025-47268",
+
+				# iputils@20240905-r0 https://nvd.nist.gov/vuln/detail/CVE-2025-48964
+				#
+				# Boundary does not utilize ping in iputils.
+				"CVE-2025-48964"
 			]
 		}
 	}

Original file line number	Diff line number	Diff line change
`@@ -14,7 +14,7 @@ container {`
`14`	`14`	`# [email protected] https://nvd.nist.gov/vuln/detail/CVE-2025-46394`
`15`	`15`	`#`
`16`	`16`	`# Boundary does not shell out to the busybox tar program.`
`17`		`- "CVE-2025-46394",`
	`17`	`+ "CVE-2025-46394",`
`18`	`18`
`19`	`19`	`# [email protected] https://nvd.nist.gov/vuln/detail/CVE-2024-58251`
`20`	`20`	`#`
`@@ -29,7 +29,12 @@ container {`
`29`	`29`	`# iputils@20240905-r0 https://nvd.nist.gov/vuln/detail/CVE-2025-47268`
`30`	`30`	`#`
`31`	`31`	`# Boundary does not utilize ping in iputils.`
`32`		`- "CVE-2025-47268"`
	`32`	`+ "CVE-2025-47268",`
	`33`	`+`
	`34`	`+ # iputils@20240905-r0 https://nvd.nist.gov/vuln/detail/CVE-2025-48964`
	`35`	`+ #`
	`36`	`+ # Boundary does not utilize ping in iputils.`
	`37`	`+ "CVE-2025-48964"`
`33`	`38`	`]`
`34`	`39`	`}`
`35`	`40`	`}`