Skip to content

chore: suppress CVE-2026-27135 until nginx:alpine is rebuilt#2

Merged
DeepDiver1975 merged 1 commit into
masterfrom
fix/trivyignore-cve-2026-27135
May 8, 2026
Merged

chore: suppress CVE-2026-27135 until nginx:alpine is rebuilt#2
DeepDiver1975 merged 1 commit into
masterfrom
fix/trivyignore-cve-2026-27135

Conversation

@DeepDiver1975
Copy link
Copy Markdown
Contributor

@DeepDiver1975 DeepDiver1975 commented May 8, 2026

Summary

  • Adds CVE-2026-27135 to .trivyignore to unblock CI
  • nghttp2-libs < 1.68.1 is present in the current nginx:alpine image; Alpine 3.22 repos have the fix (1.69.0-r0) but the official nginx:alpine Docker Hub image has not yet been rebuilt with it
  • Remove this suppression once nginx:alpine ships with nghttp2-libs >= 1.68.1

Test plan

  • CI Trivy scan passes on this branch
  • Remove suppression entry once upstream nginx:alpine image is updated

🤖 Generated with Claude Code

@DeepDiver1975
chore: suppress CVE-2026-27135 until nginx:alpine is rebuilt
2d69888 
nghttp2-libs < 1.68.1 in the current nginx:alpine image; upstream has
not yet published a rebuilt image with the fix.

Signed-off-by: Thomas Müller <1005065+DeepDiver1975@users.noreply.github.com>
@DeepDiver1975 DeepDiver1975 merged commit 3ad9691 into master May 8, 2026
3 checks passed
@DeepDiver1975 DeepDiver1975 deleted the fix/trivyignore-cve-2026-27135 branch May 8, 2026 10:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@DeepDiver1975