Skip to content

Commit

Permalink
[fix][build] Resolve OWASP Dependency Check false positives
Browse files Browse the repository at this point in the history
  • Loading branch information
lhotari committed Jan 2, 2023
1 parent b3f3e0b commit e35089d
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions src/owasp-dependency-check-false-positives.xml
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,12 @@
</notes>
<cpe>cpe:/a:apache:http_server</cpe>
</suppress>
<suppress>
<notes>
apache:apache_http_server is not used.
</notes>
<cpe>cpe:/a:apache:apache_http_server</cpe>
</suppress>
<suppress>
<notes>pulsar-package-bookkeeper-storage gets mixed with bookkeeper.</notes>
<gav regex="true">org\.apache\.pulsar:.*</gav>
Expand Down Expand Up @@ -165,4 +171,9 @@
<sha1>1a754a5dd672218a2ac667d7ff2b28df7a5a240e</sha1>
<cve>CVE-2022-25647</cve>
</suppress>

<suppress>
<notes>commons-net is not used at all and therefore commons-net vulnerability CVE-2021-37533 is a false positive.</notes>
<cve>CVE-2021-37533</cve>
</suppress>
</suppressions>

0 comments on commit e35089d

Please sign in to comment.