Suppress CVEs - Avatica, Postgres (#12884)

This commit is contained in:
Abhishek Agarwal 2022-08-10 14:18:19 +05:30 committed by GitHub
parent 4706a4c572
commit b4985ccd5e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 16 additions and 0 deletions

View File

@ -602,4 +602,20 @@
<cve>CVE-2021-41561</cve>
</suppress>
<suppress>
<!-- Avatica server itself is not affected. Vulnerability exists only on client. -->
<notes><![CDATA[
file name: avatica-server-1.17.0.jar
]]></notes>
<cve>CVE-2022-36364</cve>
</suppress>
<suppress>
<!-- False positive. 42.3.3 is not affected by the CVE. And we don't use Resultset.refreshRow method either -->
<notes><![CDATA[
file name: postgresql-42.3.3.jar
]]></notes>
<cve>CVE-2022-31197</cve>
</suppress>
</suppressions>