mirror of
https://github.com/espressif/esp-idf.git
synced 2024-10-05 20:47:46 -04:00
change: exclude CVEs that do not impact ESP-IDF components
cJSON: CVE-2024-31755 - Resolved in cJSON v1.7.18 FreeRTOS: CVE-2024-28115 - Affects only ARMv7-M MPU ports, and ARMv8-M ports Signed-off-by: Frantisek Hrbata <frantisek.hrbata@espressif.com>
This commit is contained in:
parent
8fc3d7d765
commit
f5168f2029
1
.gitmodules
vendored
1
.gitmodules
vendored
@ -55,6 +55,7 @@
|
||||
sbom-url = https://github.com/DaveGamble/cJSON
|
||||
sbom-description = Ultralightweight JSON parser in ANSI C
|
||||
sbom-hash = acc76239bee01d8e9c858ae2cab296704e52d916
|
||||
sbom-cve-exclude-list = CVE-2024-31755 Resolved in v1.7.18
|
||||
|
||||
[submodule "components/mbedtls/mbedtls"]
|
||||
path = components/mbedtls/mbedtls
|
||||
|
@ -4,3 +4,6 @@ cpe: cpe:2.3:o:amazon:freertos:{}:*:*:*:*:*:*:*
|
||||
supplier: 'Organization: Espressif Systems (Shanghai) CO LTD'
|
||||
originator: 'Organization: Amazon Web Services'
|
||||
description: An open-source, real-time operating system (RTOS) with additional features and patches from Espressif.
|
||||
cve-exclude-list:
|
||||
- cve: CVE-2024-28115
|
||||
reason: Affects only ARMv7-M MPU ports, and ARMv8-M ports with Memory Protected Unit (MPU) support enabled
|
||||
|
Loading…
Reference in New Issue
Block a user