-
Notifications
You must be signed in to change notification settings - Fork 7
Expand file tree
/
Copy pathsuppressions.xml
More file actions
41 lines (40 loc) · 1.7 KB
/
suppressions.xml
File metadata and controls
41 lines (40 loc) · 1.7 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<!-- False positive matches of non-dependencies. These do not need monthly review. -->
<suppress>
<notes><![CDATA[
This suppresses a false positive CPE match
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.inrupt\.client/inrupt\-client\-openid@.*$</packageUrl>
<cpe>cpe:/a:openid:openid</cpe>
</suppress>
<suppress>
<notes><![CDATA[
This suppresses a false positive CPE match
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.roaringbitmap/RoaringBitmap@.*$</packageUrl>
<cpe>cpe:/a:bitmap_project:bitmap</cpe>
</suppress>
<suppress>
<notes><![CDATA[
This suppresses a false positive CVE match
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.inrupt\.client/inrupt-client-webid@.*$</packageUrl>
<cve>CVE-2021-4236</cve>
</suppress>
<suppress>
<notes><![CDATA[
The json-java artifact is not a dependency of this project.
]]></notes>
<packageUrl regex="true">^pkg:maven/(com\.inrupt\.client/inrupt\-client\-jsonb|com\.github\.jsonld\-java/jsonld\-java|net\.javacrumbs\.json\-unit/json\-unit\-core)@.*$</packageUrl>
<cve>CVE-2023-5072</cve>
</suppress>
<suppress>
<notes><![CDATA[
The json-java artifact is not a dependency of this project.
]]></notes>
<packageUrl regex="true">^pkg:maven/(com\.inrupt\.client/inrupt\-client\-jsonb|com\.github\.jsonld\-java/jsonld\-java|net\.javacrumbs\.json\-unit/json\-unit\-core)@.*$</packageUrl>
<cve>CVE-2022-45688</cve>
</suppress>
<!-- Suppressed vulnerabilities. These need monthly review. -->
</suppressions>