Skip to content

Commit

Permalink
Suppress CVE that does not affect us
Browse files Browse the repository at this point in the history
  • Loading branch information
@tdrwenski
tdrwenski committed Mar 20, 2024
1 parent 38a765b commit 05a123c
Showing 1 changed file with 8 additions and 0 deletions.
8 changes: 8 additions & 0 deletions project-files/owasp-dependency-check/dependency-check-suppression.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -146,4 +146,12 @@
<packageUrl regex="true">^pkg:maven/org\.quartz\-scheduler/quartz@.*$</packageUrl>
<cve>CVE-2023-39017</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: thredds-5.5-SNAPSHOT.war: spring-security-core-5.7.11.jar
reason: we do not use AuthenticatedVoter directly
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework\.security/spring\-security\-core@.*$</packageUrl>
<vulnerabilityName>CVE-2024-22257</vulnerabilityName>
</suppress>
</suppressions>

0 comments on commit 05a123c

Please sign in to comment.