From a2b08a474bd65a623370e5bcb9055687630447e0 Mon Sep 17 00:00:00 2001
From: "Mark S. Lewis" <Mark.S.Lewis@outlook.com>
Date: Fri, 13 Sep 2024 13:20:31 +0100
Subject: [PATCH] Ignore false positive for CVE-2024-8421 (#748)

This is a RedHat-specific CVE to address CVE-2023-39325 in RedHat
products, and is only detected by Nancy. CVE-2023-39325 was resolved in
golang.org/x/net/http2@v0.17.0. See:

- https://pkg.go.dev/vuln/GO-2023-2102

Signed-off-by: Mark S. Lewis <Mark.S.Lewis@outlook.com>
---
 .nancy-ignore | 1 +
 1 file changed, 1 insertion(+)
 create mode 100644 .nancy-ignore

diff --git a/.nancy-ignore b/.nancy-ignore
new file mode 100644
index 000000000..70ce3bc90
--- /dev/null
+++ b/.nancy-ignore
@@ -0,0 +1 @@
+CVE-2024-8421 # RedHat-specific duplicate of CVE-2023-39325