Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[FP]: Spring Security for CVE-2018-1258 #6417

Closed
githubuserVenkat opened this issue Jan 23, 2024 · 9 comments
Closed

[FP]: Spring Security for CVE-2018-1258 #6417

githubuserVenkat opened this issue Jan 23, 2024 · 9 comments
Labels
FP Report pending more information

Comments

@githubuserVenkat
Copy link

githubuserVenkat commented Jan 23, 2024
edited
Loading

Package URl

cpe:2.3:a:pivotal_software:spring_security:5.7.6:::::::*

CPE

cpe:2.3:a:pivotal_software:spring_security:5.7.6:::::::*

CVE

CVE-2018-1258

ODC Integration

None

ODC Version

9.0.9

Description

we are using Spring Framework version 5.3.24 combination of Spring Security 5.7.6 which is not vulnerable to this CVE
@github-actions GitHub Actions
Copy link
Contributor

Error parsing package url: Not Available.

Error: Error: purl is missing the required "pkg" scheme component.

Please correct the package URL - consider copying the package url from the HTML report.

@github-actions GitHub Actions
Copy link
Contributor

Failed to automatically evaluate the false positive. See: https://github.com/jeremylong/DependencyCheck/actions/runs/7625509000

@github-actions GitHub Actions
Copy link
Contributor

Error parsing package url: Not Available.

Error: Error: purl is missing the required "pkg" scheme component.

Please correct the package URL - consider copying the package url from the HTML report.

@github-actions GitHub Actions
Copy link
Contributor

Failed to automatically evaluate the false positive. See: https://github.com/jeremylong/DependencyCheck/actions/runs/7625905100

@github-actions GitHub Actions
Copy link
Contributor

Error parsing package url: cpe:2.3:a:pivotal_software:spring_security:5.7.6:::::::*.

Error: Error: purl is missing the required "pkg" scheme component.

Please correct the package URL - consider copying the package url from the HTML report.

@github-actions GitHub Actions
Copy link
Contributor

Failed to automatically evaluate the false positive. See: https://github.com/jeremylong/DependencyCheck/actions/runs/7625915425

@aikebah
Copy link
Collaborator

aikebah commented Feb 11, 2024

Duplicate of #2952

@aikebah aikebah marked this as a duplicate of #2952 Feb 11, 2024
@aikebah aikebah closed this as not planned Won't fix, can't repro, duplicate, stale Feb 11, 2024
@aikebah aikebah reopened this Feb 11, 2024
@aikebah aikebah closed this as completed Feb 11, 2024
@github-actions GitHub Actions
Copy link
Contributor

Error parsing package url: cpe:2.3:a:pivotal_software:spring_security:5.7.6:::::::*.

Error: Error: purl is missing the required "pkg" scheme component.

Please correct the package URL - consider copying the package url from the HTML report.

@github-actions GitHub Actions
Copy link
Contributor

Failed to automatically evaluate the false positive. See: https://github.com/jeremylong/DependencyCheck/actions/runs/7863122436

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Dec 13, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
FP Report pending more information
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aikebah @githubuserVenkat