ignore nancy warning

jc21 · jc21 · commit 0eeed1695c3b · 2023-02-24T21:16:17.000+10:00
diff --git a/backend/.nancy-ignore b/backend/.nancy-ignore
@@ -1,41 +1,31 @@
 # If you need to ignore any of nancy's warnings add them
-
 # here with a reference to the package/version that
-
 # triggers them and rational for ignoring it.
-
 # pkg:golang/github.com/coreos/etcd@3.3.10
-
 # etcd before versions 3.3.23 and 3.4.10 does not perform any password length validation
-
 CVE-2020-15115
 
 # pkg:golang/github.com/coreos/etcd@3.3.10
-
 # In ectd before versions 3.4.10 and 3.3.23, gateway TLS authentication is only applied to endpoints detected in DNS SRV records
-
 CVE-2020-15136
 
 # pkg:golang/github.com/coreos/etcd@3.3.10
-
 # In etcd before versions 3.3.23 and 3.4.10, the etcd gateway is a simple TCP proxy to allow for basic service discovery and access
-
 CVE-2020-15114
 
 # pkg:golang/github.com/gorilla/websocket@1.4.0
-
 # Integer Overflow or Wraparound
-
 CWE-190
 
 # jwt-go before 4.0.0-preview1 allows attackers to bypass intended access restrict...
-
 CVE-2020-26160
 
 # https://ossindex.sonatype.org/vulnerability/sonatype-2021-1485
-
 sonatype-2021-1485
 
 # CWE-770: Allocation of Resources Without Limits or Throttling
-
 CVE-2022-41717
+CVE-2022-41723
+
+# CWE-400: Uncontrolled Resource Consumption ('Resource Exhaustion')
+CVE-2022-41723
