[FP]: pkg:maven/com.amazonaws/[email protected] and CVE-2022-31115 #7132
Comments
|
Maven Coordinates <dependency>
<groupId>com.amazonaws</groupId>
<artifactId>aws-java-sdk-opensearch</artifactId>
<version>1.12.641</version>
</dependency>Suppression rule: <suppress base="true">
<notes><![CDATA[
FP per issue #7132
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.amazonaws/aws-java-sdk-opensearch@.*$</packageUrl>
<cpe>cpe:/a:amazon:opensearch</cpe>
</suppress>Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/11672522764 |
|
This one looks legit to me @aikebah - WDYT? |
|
approved |
|
Suppress rule has been added to the |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Package URl
pkg:maven/com.amazonaws/[email protected]
CPE
cpe:2.3:a:amazon:opensearch:1.12.641:*:*:*:*:*:*:*CVE
CVE-2022-31115
ODC Integration
{"label"=>"Maven Plugin"}
ODC Version
10.0.4
Description
This CVE is for a ruby dependency and being matched against a java jar.
The text was updated successfully, but these errors were encountered: