Apache/druid
1
0
Fork 0
mirror of https://github.com/apache/druid.git synced 2025-02-23 11:06:19 +00:00
Code Issues Packages Projects Releases Wiki Activity

Supress CVE 2022 26612 (#12463)

Browse Source 
* supress CVE-2022-26612

* adding packageUrl

* suppressing CVE-2022-26612

* adding packageUrl

* moving to hadoop section
This commit is contained in:
Tejaswini Bandlamudi 2022-04-21 21:18:20 +05:30 committed by GitHub
parent 73ce5df22d
commit 65d00c705c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
owasp-dependency-check-suppressions.xml
View File

@ -320,12 +320,14 @@
<cve>CVE-2018-8029</cve>
</suppress>
<suppress>
<!-- Suppress cves that aren't applicable to hadoop client -->
<notes><![CDATA[
file name: hadoop-*-2.8.5.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.hadoop/hadoop\-.*@.*$</packageUrl>
<cve>CVE-2018-11765</cve>
<cve>CVE-2020-9492</cve>
<cve>CVE-2022-26612</cve>
</suppress>
<suppress>
<notes><![CDATA[
@ -479,4 +481,5 @@
<packageUrl regex="true">^pkg:maven/org\.asynchttpclient/async-http-client-netty-utils@2.5.3$</packageUrl>
<cve>CVE-2021-43138</cve>
</suppress>
</suppressions>