From 556fbb482c4e94c5b2dac0405dade34d1e029d7e Mon Sep 17 00:00:00 2001 From: Tim Pansino Date: Tue, 16 Dec 2025 11:57:01 -0500 Subject: [PATCH] Update list of trivy ignored cves --- .github/.trivyignore | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/.github/.trivyignore b/.github/.trivyignore index 1f9f11bd30..b418eb9779 100644 --- a/.github/.trivyignore +++ b/.github/.trivyignore @@ -1,9 +1,15 @@ +# ============================= +# Accepted Risk Vulnerabilities +# ============================= + +# Accepting risk due to Python 3.8 support. +CVE-2025-50181 # Requires misconfiguration of urllib3, which agent does not do without intervention +CVE-2025-66418 # Malicious servers could cause high resource consumption +CVE-2025-66471 # Malicious servers could cause high resource consumption + # ======================= # Ignored Vulnerabilities # ======================= -# Accepting risk due to Python 3.8 support. -CVE-2025-50181 - # Not relevant, only affects Pyodide CVE-2025-50182
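Review bot: The two new entries in the "Accepted Risk Vulnerabilities" block, CVE-2025-66418 and CVE-2025-66471, are annotated only with their impact ("Malicious servers could cause high resource consumption") and not with why that impact is acceptable, unlike the CVE-2025-50181 comment, which names the precondition that limits exposure. State the reasoning for each entry, and give the "Accepting risk due to Python 3.8 support" group a revisit condition, such as removal once 3.8 support is dropped, so the ignores do not outlive their justification. The new entries also place the comment on the same line as the CVE ID, while the existing "# Not relevant, only affects Pyodide" entry keeps its comment on a separate line above the ID; pick one style for the file, and if the inline form stays, confirm the scanner still matches the ID when trailing text follows it.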