Skip to content

Commit f9399fa

Browse files
chore: suppression update
1 parent b031218 commit f9399fa

File tree

1 file changed

+3
-10
lines changed

1 file changed

+3
-10
lines changed

owasp-suppressions.xml

Lines changed: 3 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -8,14 +8,7 @@
88
<cpe>cpe:/a:grpc:grpc</cpe>
99
<cpe>cpe:/a:utils_project:utils</cpe>
1010
</suppress>
11-
<suppress>
12-
<notes><![CDATA[
13-
file name: graphql-java-annotations-9.1.jar
14-
]]></notes>
15-
<packageUrl regex="true">^pkg:maven/io\.github\.graphql\-java/graphql\-java\-annotations@.*$</packageUrl>
16-
<cpe>cpe:/a:graphql-java:graphql-java</cpe>
17-
</suppress>
18-
<suppress until="2023-11-30Z">
11+
<suppress until="2023-12-31Z">
1912
<notes><![CDATA[
2013
This vulnerability is disputed, with the argument that SSL configuration is the responsibility of the client rather
2114
than the transport. The change in default is under consideration for the next major Netty release, revisit then.
@@ -27,7 +20,7 @@
2720
<packageUrl regex="true">^pkg:maven/io\.netty/netty.*@.*$</packageUrl>
2821
<vulnerabilityName>CVE-2023-4586</vulnerabilityName>
2922
</suppress>
30-
<suppress until="2023-11-30Z">
23+
<suppress until="2023-12-31Z">
3124
<notes><![CDATA[
3225
This CVE is declared fixed from 9.4.52, but the vuln db is not reflecting that. Suppress that specific version until
3326
db is updated.
@@ -37,7 +30,7 @@
3730
<packageUrl regex="true">^pkg:maven/org\.eclipse\.jetty/jetty\[email protected]\..*$</packageUrl>
3831
<vulnerabilityName>CVE-2023-36479</vulnerabilityName>
3932
</suppress>
40-
<suppress until="2023-11-30Z">
33+
<suppress until="2023-12-31Z">
4134
<notes><![CDATA[
4235
file name: jackson-databind-2.15.2.jar
4336
]]></notes>

0 commit comments

Comments
 (0)