Add CVEs to the ignored lists by directionless · Pull Request #8458

Add CVEs to the ignored lists by directionless · Pull Request #8458 · osquery/osquery

expat

Closes #8415
Closes #8414
Closes #8413

These bugs are about handling untrusted input, but osquery uses expat only to communicate with DBUS, a trusted system level service.

Closes #8442
Closes #8441
Closes #8376

These bugs are about decompressing untrusted archives. However, osquery does not use libarchive for this.

Closes #8403
Closes #8264

We believe this is an NVD error -- NVD lists this as effecting 4.2.0, but we believe it was patched in 4.2.0-rc1. See #8264