From 28ab0fc5ed4485622bcbdbb7889bb7b3d49699bb Mon Sep 17 00:00:00 2001
From: Sunny Wu <sunny.wu@thetradedesk.com>
Date: Mon, 2 Mar 2026 11:38:12 +1100
Subject: [PATCH] [UID2-6670] Suppress GHSA-72hv-8253-57qq: jackson-core async
 parser not used

---
 .trivyignore | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index d24f9408..95aa9b7d 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,5 +1,7 @@
 # List any vulnerability that are to be accepted
-# See https://aquasecurity.github.io/trivy/v0.35/docs/vulnerability/examples/filter/ 
+# See https://aquasecurity.github.io/trivy/v0.35/docs/vulnerability/examples/filter/
 # for more details
 
-
+# jackson-core async parser DoS - not exploitable, services only use synchronous ObjectMapper API
+# See: UID2-6670
+GHSA-72hv-8253-57qq exp:2026-09-01