mirror of https://github.com/apache/druid.git
Suppress CVEs - Avatica, Postgres (#12884)
This commit is contained in:
parent
4706a4c572
commit
b4985ccd5e
|
@ -602,4 +602,20 @@
|
||||||
<cve>CVE-2021-41561</cve>
|
<cve>CVE-2021-41561</cve>
|
||||||
</suppress>
|
</suppress>
|
||||||
|
|
||||||
|
<suppress>
|
||||||
|
<!-- Avatica server itself is not affected. Vulnerability exists only on client. -->
|
||||||
|
<notes><![CDATA[
|
||||||
|
file name: avatica-server-1.17.0.jar
|
||||||
|
]]></notes>
|
||||||
|
<cve>CVE-2022-36364</cve>
|
||||||
|
</suppress>
|
||||||
|
|
||||||
|
<suppress>
|
||||||
|
<!-- False positive. 42.3.3 is not affected by the CVE. And we don't use Resultset.refreshRow method either -->
|
||||||
|
<notes><![CDATA[
|
||||||
|
file name: postgresql-42.3.3.jar
|
||||||
|
]]></notes>
|
||||||
|
<cve>CVE-2022-31197</cve>
|
||||||
|
</suppress>
|
||||||
|
|
||||||
</suppressions>
|
</suppressions>
|
||||||
|
|
Loading…
Reference in New Issue