forked from FraunhoferIOSB/FAAAST-Service
-
Notifications
You must be signed in to change notification settings - Fork 0
/
owaspSuppressions.xml
67 lines (67 loc) · 2.79 KB
/
owaspSuppressions.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes><![CDATA[file name: dataformat-uanodeset-1.2.1.jar]]></notes>
<packageUrl regex="true">^pkg:maven/io\.admin\-shell\.aas/dataformat\-uanodeset@.*$</packageUrl>
<cpe>cpe:/a:opcfoundation:ua-nodeset</cpe>
</suppress>
<suppress>
<notes><![CDATA[file name: jackson-databind-2.13.4.jar]]></notes>
<packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
<cve>CVE-2022-42003</cve>
</suppress>
<!-- begin: false positive -->
<suppress>
<notes><![CDATA[file name: msgpack-core-0.9.3.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.msgpack/msgpack\-core@.*$</packageUrl>
<cve>CVE-2022-41719</cve>
</suppress>
<!-- end: false positive -->
<!-- begin: only affects FTP acces which is not used in this project -->
<suppress>
<notes><![CDATA[file name: commons-compress-1.21.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.commons/commons\-compress@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: commons-compress-1.22.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.commons/commons\-compress@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: commons-csv-1.9.0.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.commons/commons\-csv@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: commons-io-2.11.0.jar]]></notes>
<packageUrl regex="true">^pkg:maven/commons\-io/commons\-io@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: commons-logging-1.2.jar]]></notes>
<packageUrl regex="true">^pkg:maven/commons\-logging/commons\-logging@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: commons-math3-3.6.1.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.commons/commons\-math3@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: jcl-over-slf4j-1.7.36.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.slf4j/jcl\-over\-slf4j@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: commons-cli-1.5.0.jar]]></notes>
<packageUrl regex="true">^pkg:maven/commons\-cli/commons\-cli@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<suppress>
<notes><![CDATA[file name: commons-codec-1.15.jar]]></notes>
<packageUrl regex="true">^pkg:maven/commons\-codec/commons\-codec@.*$</packageUrl>
<cve>CVE-2021-37533</cve>
</suppress>
<!-- end: only affects FTP acces which is not used in this project -->
</suppressions>