diff --git a/.grype.yaml b/.grype.yaml index 131db9e..31ad0fb 100644 --- a/.grype.yaml +++ b/.grype.yaml @@ -38,6 +38,15 @@ ignore: - vulnerability: CVE-2026-6100 - vulnerability: CVE-2026-4786 - vulnerability: GHSA-pc3f-x583-g7j2 + - vulnerability: CVE-2026-3298 + - vulnerability: GHSA-q339-8rmv-2mhv + package: + name: erb + version: 4.0.3 + - vulnerability: GHSA-mh2q-q3fh-2475 + package: + name: go.opentelemetry.io/otel + version: v1.40.0 # node_24 vulnerabilities - vulnerability: GHSA-c2c7-rcm5-vvqj - vulnerability: GHSA-7r86-cg39-jmmj @@ -53,8 +62,24 @@ ignore: - vulnerability: GHSA-2599-h6xx-hpxp # eps-storage-terraform vulnerabilities - vulnerability: CVE-2025-68119 + - vulnerability: GHSA-mh2q-q3fh-2475 + package: + name: go.opentelemetry.io/otel + version: v1.38.0 + - vulnerability: GHSA-mh2q-q3fh-2475 + package: + name: go.opentelemetry.io/otel + version: v1.39.0 # eps-data-extract vulnerabilities - vulnerability: GHSA-6fmv-xxpf-w3cw + - vulnerability: CVE-2026-34282 + package: + name: openjdk + version: 17.0.18+8 + - vulnerability: CVE-2026-22016 + package: + name: openjdk + version: 17.0.18+8 # fhir-facade vulnerabilities - vulnerability: CVE-2022-26485 - vulnerability: CVE-2022-26486 @@ -70,6 +95,21 @@ ignore: - vulnerability: CVE-2025-53066 - vulnerability: CVE-2026-21945 - vulnerability: CVE-2026-21932 + package: + name: openjdk + version: 20.0.2+9-78 + - vulnerability: CVE-2026-22016 + package: + name: openjdk + version: 20.0.2+9-78 + - vulnerability: CVE-2026-34282 + package: + name: jdk + version: 20.0.2+9-78 + - vulnerability: CVE-2026-22016 + package: + name: jdk + version: 20.0.2+9-78 # node-24_python_3_14_java_24 vulnerabilities - vulnerability: GHSA-6fmv-xxpf-w3cw - vulnerability: CVE-2025-53066 @@ -77,3 +117,11 @@ ignore: - vulnerability: CVE-2026-21932 - vulnerability: CVE-2026-27143 - vulnerability: CVE-2026-27144 + - vulnerability: CVE-2026-34282 + package: + name: openjdk + version: 24.0.2+12 + - vulnerability: CVE-2026-22016 + package: + name: openjdk + version: 24.0.2+12