Apache
/
druid
mirror of https://github.com/apache/druid.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Suppress CVEs for openstack-keystone (#9903) 

CVE-2020-12689, CVE-2020-12691, and CVE-2020-12690 can be ignored for
openstack-keystone as they are for the python SDK and druid uses the
java SDK.
This commit is contained in:
Chi Cao Minh 2020-05-22 10:32:17 -07:00 committed by GitHub
parent 132a1c9fe7
commit fd6fffc4b8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
owasp-dependency-check-suppressions.xml
View File

@ -53,6 +53,9 @@
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.jclouds\.api/openstack\-keystone@.*$</packageUrl>
<cve>CVE-2015-7546</cve>
<cve>CVE-2020-12689</cve>
<cve>CVE-2020-12690</cve>
<cve>CVE-2020-12691</cve>
</suppress>
<!-- FIXME: These are suppressed so that CI can enforce that no new vulnerable dependencies are added. -->