This is an automated email from the ASF dual-hosted git repository.
kfaraz pushed a commit to branch 24.0.1
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/24.0.1 by this push:
new c0fb364f80 Suppress vulnerabilities from druid-website package
c0fb364f80 is described below
commit c0fb364f8049d53cd704e414e2ffeab6c49b012e
Author: Kashif Faraz <[email protected]>
AuthorDate: Sat Nov 5 11:19:21 2022 +0530
Suppress vulnerabilities from druid-website package
---
owasp-dependency-check-suppressions.xml | 28 ++++++++++++++++++++++++++++
1 file changed, 28 insertions(+)
diff --git a/owasp-dependency-check-suppressions.xml
b/owasp-dependency-check-suppressions.xml
index d7a9af6b41..ae083f7357 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -695,4 +695,32 @@
<packageUrl
regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-java\-util@.*$</packageUrl>
<cve>CVE-2022-3171</cve>
</suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: ansi-regex:5.0.0
+ ]]></notes>
+ <packageUrl regex="true">^pkg:npm/ansi\-regex@.*$</packageUrl>
+ <vulnerabilityName>1084697</vulnerabilityName>
+ </suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: glob-parent:5.1.1
+ ]]></notes>
+ <packageUrl regex="true">^pkg:npm/glob\-parent@.*$</packageUrl>
+ <vulnerabilityName>1081884</vulnerabilityName>
+ </suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: minimatch:3.0.4
+ ]]></notes>
+ <packageUrl regex="true">^pkg:npm/minimatch@.*$</packageUrl>
+ <vulnerabilityName>1084765</vulnerabilityName>
+ </suppress>
+ <suppress>
+ <notes><![CDATA[
+ file name: y18n:4.0.0
+ ]]></notes>
+ <packageUrl regex="true">^pkg:npm/y18n@.*$</packageUrl>
+ <vulnerabilityName>1070209</vulnerabilityName>
+ </suppress>
</suppressions>
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
