MCP Kafka Schema Reg

# Trivy ignore file for documented security exceptions # # CVE-2023-45853: zlib integer overflow vulnerability # Status: will_not_fix by Debian maintainers # Rationale: This vulnerability affects zipOpenNewFileInZip4_6 function which is not # used in our application context. The Debian security team has marked this as # will_not_fix, indicating it's not exploitable in normal usage scenarios. # References: https://avd.aquasec.com/nvd/cve-2023-45853 CVE-2023-45853 # glibc LD_LIBRARY_PATH vulnerability # CVE-2025-4802: Base image vulnerability that doesn't affect our containerized Python application # as we don't use setuid binaries or allow dynamic library loading from user-controlled paths CVE-2025-4802 # Linux PAM vulnerabilities - System level, not exploitable in containerized Python app # CVE-2025-6020: Directory traversal - not applicable as we don't use PAM authentication CVE-2025-6020 # Perl vulnerabilities - System perl not used by our application # CVE-2023-31484: CPAN.pm TLS vulnerability - not applicable as we don't use perl/CPAN CVE-2023-31484 # Future exceptions should be added here with: # - CVE number # - Clear justification # - Mitigation measures taken # - References to upstream decisions