From 2fb5b751b675cb8d2fc7679cecb2d05c4c61c12c Mon Sep 17 00:00:00 2001
From: Atanas Janeshliev <atanas.janeshliev@proton.ch>
Date: Tue, 23 Sep 2025 10:33:24 +0200
Subject: [PATCH] chore(BRIDGE-428): suppress vulnerability finding -
 GO-2025-3956

---
 utils/govulncheck.sh | 1 +
 1 file changed, 1 insertion(+)

diff --git a/utils/govulncheck.sh b/utils/govulncheck.sh
index 0e4a5dd8..5584ba27 100755
--- a/utils/govulncheck.sh
+++ b/utils/govulncheck.sh
@@ -35,6 +35,7 @@ main(){
     ignore GO-2025-3563 "BRIDGE-346 net/http request smuggling"
     ignore GO-2025-3754 "BRIDGE-388 github.com/cloudflare/circl indirect import from gopenpgp; need to wait for upstream to patch"
     ignore GO-2025-3849 "BRIDGE-416 database/sql race condition leading to potential data overwrite"
+    ignore GO-2025-3956 "BRIDGE-428 LookPath from os/exec may result in binaries listed in the path to be returned"
 
     has_vulns