mirror of https://github.com/apache/druid.git
Suppress CVEs - Avatica, Postgres (#12884)
This commit is contained in:
parent
4706a4c572
commit
b4985ccd5e
|
@ -602,4 +602,20 @@
|
|||
<cve>CVE-2021-41561</cve>
|
||||
</suppress>
|
||||
|
||||
<suppress>
|
||||
<!-- Avatica server itself is not affected. Vulnerability exists only on client. -->
|
||||
<notes><![CDATA[
|
||||
file name: avatica-server-1.17.0.jar
|
||||
]]></notes>
|
||||
<cve>CVE-2022-36364</cve>
|
||||
</suppress>
|
||||
|
||||
<suppress>
|
||||
<!-- False positive. 42.3.3 is not affected by the CVE. And we don't use Resultset.refreshRow method either -->
|
||||
<notes><![CDATA[
|
||||
file name: postgresql-42.3.3.jar
|
||||
]]></notes>
|
||||
<cve>CVE-2022-31197</cve>
|
||||
</suppress>
|
||||
|
||||
</suppressions>
|
||||
|
|
Loading…
Reference in New Issue