[FP]: Wrongly reporting vulnerability CVE-2024-20506 on clamav-client-1.0.1.jar #7025
Comments
|
Maven Coordinates <dependency>
<groupId>fi.solita.clamav</groupId>
<artifactId>clamav-client</artifactId>
<version>1.0.1</version>
</dependency>Suppression rule: <suppress base="true">
<notes><![CDATA[
FP per issue #7025
]]></notes>
<packageUrl regex="true">^pkg:maven/fi\.solita\.clamav/clamav-client@.*$</packageUrl>
<cpe>cpe:/a:clamav:clamav</cpe>
</suppress>Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/11263616245 |
|
Dupe of #7018 :-) |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Package URl
pkg:maven/fi.solita.clamav/[email protected]
CPE
cpe:2.3:a:clamav:clamav:1.0.1:*:*:*:*:*:*:*CVE
CVE-2024-20506
ODC Integration
{"label"=>"Gradle Plugin"}
ODC Version
10.0.3
Description
CVE reported for clamav is alerting on the clamav-client library, which is incorrect. Similar to #7018 and #7017.
The text was updated successfully, but these errors were encountered: