Apache
/
druid
mirror of https://github.com/apache/druid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Suppress CVE-2020-8840 for htrace-core-4.0.1 (#9379) 

CVE-2020-8840 was updated on 19 Feb 2020, which now gets flagged by the
security vulnerability scan. Since the CVE is for jackson-databind, via
htrace-core-4.0.1, it can be added to the existing list of security
vulnerability suppressions for that dependency.
This commit is contained in:
Chi Cao Minh 2020-02-21 11:05:00 -08:00 committed by GitHub
parent 30c24df4d3
commit 3f848e6a7c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
owasp-dependency-check-suppressions.xml
View File

@ -197,5 +197,6 @@
<cve>CVE-2019-17267</cve>
<cve>CVE-2019-17531</cve>
<cve>CVE-2019-20330</cve>
<cve>CVE-2020-8840</cve>
</suppress>
</suppressions>