allowedCves property

List<String>? allowedCves
getter/setter pair

A list of specific CVEs to ignore even if the vulnerability level violates maximumUnfixableSeverity or maximumFixableSeverity.

CVEs are listed in the format of Container Analysis note id. For example:

  • CVE-2021-20305 - CVE-2020-10543 The CVEs are applicable regardless of note provider project, e.g., an entry of CVE-2021-20305 will allow vulnerabilities with a note name of either projects/goog-vulnz/notes/CVE-2021-20305 or projects/CUSTOM-PROJECT/notes/CVE-2021-20305.

Optional.

Implementation

core.List<core.String>? allowedCves;