Commit

Suppress jgit false positive
barchetta committed Oct 19, 2023
1 parent 4c6bcde commit 9b231ab
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions etc/dependency-check-suppression.xml
Expand Up @@ -121,4 +121,17 @@
<vulnerabilityName>CVE-2023-4586</vulnerabilityName>
</suppress>

<!--
This is a FP. We have upgrade jgit to a fixed version, but it is still getting flagged.
Probably due to the funky version string used by jgit. See
https://github.com/jeremylong/DependencyCheck/issues/5943
-->
<suppress>
<notes><![CDATA[
file name: org.eclipse.jgit-6.7.0.202309050840-r.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$</packageUrl>
<cve>CVE-2023-4759</cve>
</suppress>

</suppressions>

0 comments on commit 9b231ab
