Apache/druid
1
0
Fork 0
mirror of https://github.com/apache/druid.git synced 2025-02-25 12:35:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

suppress CVE-2021-40331 since it applies to ranger-hive-plugin which afaict we do not use (#14261)

Browse Source
This commit is contained in:
Clint Wylie 2023-05-11 21:58:47 -07:00 committed by GitHub
parent 9875090bee
commit eae9e07ea9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
owasp-dependency-check-suppressions.xml
View File

@ -825,4 +825,12 @@
<!-- this one seems to apply to backend server - https://nvd.nist.gov/vuln/detail/CVE-2023-25613 -->
<cve>CVE-2023-25613</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: ranger-plugins-*-2.0.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.ranger/ranger\-plugins\-.*@2.0.0$</packageUrl>
<!-- applies to ranger-hive-plugin which afaict we do not use https://nvd.nist.gov/vuln/detail/CVE-2021-40331 -->
<cve>CVE-2021-40331</cve>
</suppress>
</suppressions>