Skip to content

Docs CSC now features an automatic Finnish translation. Click here for more information.

Warning!

Puhti and Mahti are being decommissioned in stages, and their storage areas will become fully unavailable from 15 October 2026. Clean up unnecessary files and move any data you need to keep by 31 August 2026. See the Roihu data migration guide for instructions on transferring your data to Roihu.

Puhti scratch is very full: keep only active data there and move or delete everything else. No new Puhti scratch quota will be granted.

CVE Allowlist

A CVE Allowlist is used to ignore specific vulnerabilities that are known but accepted temporarily.

Sometimes vulnerabilities cannot be fixed immediately because: * No patch is available * The vulnerability is not exploitable in your environment * It does not affect the application functionality

In these cases, administrators can add the vulnerability to the CVE Allowlist. This allows certain vulnerabilities to be ignored for this project.

You have two options: * System allowlist Uses the global allowlist defined by Satama administrators * Project allowlist uses defined custom CVEs specific to this project.

You can click ADD to add CVE IDs manually. Click COPY FROM SYSTEM to copy global allowlist entries and set expiration date or choose "Never expires".