From 7d332c6f6a6359e6656b71d5efccdb86c9222a74 Mon Sep 17 00:00:00 2001
From: Abhishek Agarwal <1477457+abhishekagarwal87@users.noreply.github.com>
Date: Tue, 6 Sep 2022 11:46:56 +0530
Subject: [PATCH] Suppress false CVEs (#13026)
* Suppress CVEs
* Add more suppressions
---
integration-tests-ex/cases/pom.xml | 7 +++++++
integration-tests-ex/image/pom.xml | 7 +++++++
integration-tests-ex/tools/pom.xml | 12 ++++++++++++
owasp-dependency-check-suppressions.xml | 17 +++++++++++++++--
4 files changed, 41 insertions(+), 2 deletions(-)
diff --git a/integration-tests-ex/cases/pom.xml b/integration-tests-ex/cases/pom.xml
index cfb91276c12..86713aec4e0 100644
--- a/integration-tests-ex/cases/pom.xml
+++ b/integration-tests-ex/cases/pom.xml
@@ -241,6 +241,13 @@
+
+ org.owasp
+ dependency-check-maven
+
+ true
+
+
diff --git a/integration-tests-ex/image/pom.xml b/integration-tests-ex/image/pom.xml
index dcd59badbcb..649367f056a 100644
--- a/integration-tests-ex/image/pom.xml
+++ b/integration-tests-ex/image/pom.xml
@@ -225,6 +225,13 @@ Reference: https://dzone.com/articles/build-docker-image-from-maven
+
+ org.owasp
+ dependency-check-maven
+
+ true
+
+
diff --git a/integration-tests-ex/tools/pom.xml b/integration-tests-ex/tools/pom.xml
index b6222214384..fe7777ebf11 100644
--- a/integration-tests-ex/tools/pom.xml
+++ b/integration-tests-ex/tools/pom.xml
@@ -153,4 +153,16 @@
+
+
+
+ org.owasp
+ dependency-check-maven
+
+ true
+
+
+
+
+
diff --git a/owasp-dependency-check-suppressions.xml b/owasp-dependency-check-suppressions.xml
index 8518c34a83d..f3bb9975503 100644
--- a/owasp-dependency-check-suppressions.xml
+++ b/owasp-dependency-check-suppressions.xml
@@ -49,15 +49,18 @@
CVE-2017-16613
-
^pkg:maven/org\.apache\.jclouds\.api/openstack\-keystone@.*$
+
CVE-2015-7546
CVE-2020-12689
CVE-2020-12690
CVE-2020-12691
+
+
+ CVE-2021-3563
+
+ CVE-2022-25857
^pkg:maven/org\.apache\.hive/hive-storage-api@2.8.1$
CVE-2020-13949
CVE-2021-34538
+ CVE-2021-4125