-
Notifications
You must be signed in to change notification settings - Fork 16
Expand file tree
/
Copy pathowasp-dependency-check-suppression.xml
More file actions
96 lines (96 loc) · 3.78 KB
/
owasp-dependency-check-suppression.xml
File metadata and controls
96 lines (96 loc) · 3.78 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes>
<![CDATA[
file names:
netty-buffer-4.1.72.Final.jar
netty-codec-4.1.72.Final.jar
netty-codec-http-4.1.72.Final.jar
netty-codec-http2-4.1.72.Final.jar
netty-codec-socks-4.1.72.Final.jar
netty-common-4.1.72.Final.jar
netty-handler-4.1.72.Final.jar
netty-handler-proxy-4.1.72.Final.jar
netty-resolver-4.1.72.Final.jar
netty-transport-4.1.72.Final.jar
]]>
</notes>
<packageUrl regex="true">^pkg:maven/io\.netty/netty\-.*@.*$</packageUrl>
<vulnerabilityName>CVE-2022-24823</vulnerabilityName>
<vulnerabilityName>CVE-2022-41881</vulnerabilityName>
<vulnerabilityName>CVE-2022-41915</vulnerabilityName>
<vulnerabilityName>CVE-2023-34462</vulnerabilityName>
<vulnerabilityName>CVE-2023-44487</vulnerabilityName>
<vulnerabilityName>CVE-2024-47535</vulnerabilityName>
<vulnerabilityName>CVE-2025-24970</vulnerabilityName>
<vulnerabilityName>CVE-2025-25193</vulnerabilityName>
</suppress>
<suppress>
<notes>
<![CDATA[
file name: guava-31.0.1-android.jar
]]>
</notes>
<packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl>
<vulnerabilityName>CVE-2020-8908</vulnerabilityName>
<vulnerabilityName>CVE-2023-2976</vulnerabilityName>
</suppress>
<suppress>
<notes>
<![CDATA[
file name: grpc-*-1.45.1.jar
]]>
</notes>
<packageUrl regex="true">^pkg:maven/io\.grpc/grpc\-.*@.*$</packageUrl>
<vulnerabilityName>CVE-2023-44487</vulnerabilityName>
</suppress>
<suppress>
<notes>
<![CDATA[
file name: kotlinx-coroutines-play-services-1.6.4.jar
]]>
</notes>
<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlinx/kotlinx\-coroutines\-play\-services@.*$</packageUrl>
<vulnerabilityName>CVE-2020-22475</vulnerabilityName>
<vulnerabilityName>CVE-2022-39349</vulnerabilityName>
</suppress>
<suppress>
<notes>
<![CDATA[
file name: netty-codec-http-4.1.72.Final.jar
]]>
</notes>
<packageUrl regex="true">^pkg:maven/io\.netty/netty-codec-http@.*$</packageUrl>
<vulnerabilityName>CVE-2024-29025</vulnerabilityName>
</suppress>
<suppress>
<notes>
<![CDATA[
file name: launcher-0.0.9-alpha02.jar (shaded: com.google.protobuf:protobuf-kotlin:3.18.0)
]]>
</notes>
<packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf-kotlin@.*$</packageUrl>
<vulnerabilityName>CVE-2021-22569</vulnerabilityName>
<vulnerabilityName>CVE-2022-3171</vulnerabilityName>
<vulnerabilityName>CVE-2022-3510</vulnerabilityName>
</suppress>
<suppress>
<notes>
<![CDATA[
file name: commons-io-2.13.0.jar
]]>
</notes>
<packageUrl regex="true">^pkg:maven/commons-io/commons-io@.*$</packageUrl>
<vulnerabilityName>CVE-2024-47554</vulnerabilityName>
</suppress>
<suppress>
<notes>
<![CDATA[
file name: protobuf-java-3.22.3.jar
]]>
</notes>
<packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf-java@.*$</packageUrl>
<vulnerabilityName>CVE-2024-7254</vulnerabilityName>
</suppress>
</suppressions>