TMP: ignore CVE-2024-24790 and CVE-2025-7783 vulnerabilities

elelaysh · elelaysh · commit 5a7be0caf66b · 2025-12-08T10:08:43.000+01:00
CVE-2024-24790 in prometheus exporters: control plane is trusted CVE-2025-7783 in opensearch dashboards: will check if a more recent package is available later
diff --git a/etc/kayobe/trivy/allowed-vulnerabilities.yml b/etc/kayobe/trivy/allowed-vulnerabilities.yml
@@ -20,7 +20,10 @@ influxdb_allowed_vulnerabilities:
   - CVE-2024-45337
 magnum_conductor_allowed_vulnerabilities:
   - CVE-2024-45337
+opensearch_dashboards_allowed_vulnerabilities:
+  - CVE-2025-7783
 prometheus_blackbox_exporter_allowed_vulnerabilities:
+  - CVE-2024-24790
   - CVE-2024-45337
 prometheus_memcached_exporter_allowed_vulnerabilities:
   - CVE-2024-45337
@@ -31,7 +34,10 @@ prometheus_elasticsearch_exporter_allowed_vulnerabilities:
 prometheus_node_exporter_allowed_vulnerabilities:
   - CVE-2024-45337
 prometheus_openstack_exporter_allowed_vulnerabilities:
+  - CVE-2024-24790
   - CVE-2024-45337
+prometheus_ovn_exporter_allowed_vulnerabilities:
+  - CVE-2024-24790
 prometheus_libvirt_exporter_allowed_vulnerabilities:
   - CVE-2024-45337
 prometheus_cadvisor_allowed_vulnerabilities:
