This is an automated email from the ASF dual-hosted git repository.
kfaraz pushed a commit to branch 25.0.0
in repository https://gitbox.apache.org/repos/asf/druid.git
The following commit(s) were added to refs/heads/25.0.0 by this push:
new d5d0698217 Suppress CVE-2022-45685 and CVE-2022-45693 from jettison-1.3
d5d0698217 is described below
commit d5d06982172846827e30df25e42413475cf46e66
Author: Kashif Faraz <[email protected]>
AuthorDate: Fri Dec 16 16:53:28 2022 +0530
Suppress CVE-2022-45685 and CVE-2022-45693 from jettison-1.3
---
owasp-dependency-check-suppressions.xml | 2 ++
1 file changed, 2 insertions(+)
diff --git a/owasp-dependency-check-suppressions.xml
b/owasp-dependency-check-suppressions.xml
index 4f6f70a8f1..79063189d2 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -228,6 +228,8 @@
<packageUrl
regex="true">^pkg:maven/org\.codehaus\.jettison/jettison@1.*$</packageUrl>
<cve>CVE-2022-40149</cve>
<cve>CVE-2022-40150</cve>
+ <cve>CVE-2022-45685</cve>
+ <cve>CVE-2022-45693</cve>
</suppress>
<suppress>
<!-- TODO: Fix by using com.datastax.oss:java-driver-core instead of
com.netflix.astyanax:astyanax in extensions-contrib/cassandra-storage -->
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
