[FP]: Payara security-connectors-api 3.1.1 identified as payara 3.1.1 CVE-2022-45129 #7189
Comments
|
Maven Coordinates <dependency>
<groupId>fish.payara.security.connectors</groupId>
<artifactId>security-connectors-api</artifactId>
<version>3.1.1</version>
</dependency>Suppression rule: <suppress base="true">
<notes><![CDATA[
FP per issue #7189
]]></notes>
<packageUrl regex="true">^pkg:maven/fish\.payara\.security\.connectors/security-connectors-api@.*$</packageUrl>
<cpe>cpe:/a:payara:payara</cpe>
</suppress>Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/12011874415 |
|
duplictes #7188 as indicated in the issue template: if you believe a CPE to be invalid you need to file an FP only once |
|
Thanks for the clarification. I previously thought that it was the combination of CPE and package |
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Package URl
pkg:maven/fish.payara.security.connectors/[email protected]
CPE
cpe:2.3:a:payara:payara:3.1.1:*:*:*:*:*:*:*CVE
CVE-2022-45129
ODC Integration
{"label"=>"Maven Plugin"}
ODC Version
11.1.0
Description
No response
The text was updated successfully, but these errors were encountered: