docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #21020 from felipecruz91/cups-cves 

chore(scout): Document CUPS CVEs in high-profile vuln policy
This commit is contained in:
David Karlsson 2024-09-30 14:33:25 +02:00 committed by GitHub
parent 365dac4bdb d355d226c0
commit 82acbd89f8
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
content/manuals/scout/policy/_index.md
View File

@ -145,13 +145,17 @@ The list includes the following vulnerabilities:
- [CVE-2023-38545 (cURL SOCKS5 heap buffer overflow)](https://scout.docker.com/v/CVE-2023-38545)
- [CVE-2023-44487 (HTTP/2 Rapid Reset)](https://scout.docker.com/v/CVE-2023-44487)
- [CVE-2024-3094 (XZ backdoor)](https://scout.docker.com/v/CVE-2024-3094)
- [CVE-2024-47176 (OpenPrinting - cups-browsed)](https://scout.docker.com/v/CVE-2024-47176)
- [CVE-2024-47076 (OpenPrinting - libcupsfilters)](https://scout.docker.com/v/CVE-2024-47076)
- [CVE-2024-47175 (OpenPrinting- libppd)](https://scout.docker.com/v/CVE-2024-47175)
- [CVE-2024-47177 (OpenPrinting - cups-filters)](https://scout.docker.com/v/CVE-2024-47177)
You can configure the CVEs included in this list by creating a custom policy.
Custom configuration options include:
- **CVEs to avoid**: Specify the CVEs that you want to avoid in your artifacts.
- **Excluded CVEs**: Specify the CVEs that you want this policy to ignore.
Default: `CVE-2014-0160`, `CVE-2021-44228`, `CVE-2023-38545`, `CVE-2023-44487`, `CVE-2024-3094`
Default: `[]` (none of the high-profile CVEs are ignored)
- **CISA KEV**: Enable tracking of vulnerabilities from CISA's Known Exploited Vulnerabilities (KEV) catalog