From 4527131e10507d493329d8ce193264efaf085249 Mon Sep 17 00:00:00 2001
From: Andrew Vaughan <hello@andrewvaughan.io>
Date: Tue, 8 Aug 2023 16:36:04 -0400
Subject: [PATCH] Configured Grype to automatically ignore CVE-2018-20225 which
 is disputed and causes Python flavors to fail (#2864)

---
 TEMPLATES/.grype.yaml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/TEMPLATES/.grype.yaml b/TEMPLATES/.grype.yaml
index b5d9fe63277..8ba66492bd5 100644
--- a/TEMPLATES/.grype.yaml
+++ b/TEMPLATES/.grype.yaml
@@ -142,4 +142,10 @@ fail-on-severity: "high"
   # golang:
   #   using-cpes: true
   # stock:
-  #   using-cpes: true
\ No newline at end of file
+  #   using-cpes: true
+
+ignore:
+
+  # Ignored by default; disputed and unwarranted CVE that causes Megalinter to fail
+  # @link https://nvd.nist.gov/vuln/detail/CVE-2018-20225
+  - vulnerability: CVE-2018-20225