File tree Expand file tree Collapse file tree 1 file changed +3
-10
lines changed Expand file tree Collapse file tree 1 file changed +3
-10
lines changed Original file line number Diff line number Diff line change 8
8
<cpe >cpe:/a:grpc:grpc</cpe >
9
9
<cpe >cpe:/a:utils_project:utils</cpe >
10
10
</suppress >
11
- <suppress >
12
- <notes ><![CDATA[
13
- file name: graphql-java-annotations-9.1.jar
14
- ]]> </notes >
15
- <packageUrl regex =" true" >^pkg:maven/io\.github\.graphql\-java/graphql\-java\-annotations@.*$</packageUrl >
16
- <cpe >cpe:/a:graphql-java:graphql-java</cpe >
17
- </suppress >
18
- <suppress until =" 2023-11-30Z" >
11
+ <suppress until =" 2023-12-31Z" >
19
12
<notes ><![CDATA[
20
13
This vulnerability is disputed, with the argument that SSL configuration is the responsibility of the client rather
21
14
than the transport. The change in default is under consideration for the next major Netty release, revisit then.
27
20
<packageUrl regex =" true" >^pkg:maven/io\.netty/netty.*@.*$</packageUrl >
28
21
<vulnerabilityName >CVE-2023-4586</vulnerabilityName >
29
22
</suppress >
30
- <suppress until =" 2023-11-30Z " >
23
+ <suppress until =" 2023-12-31Z " >
31
24
<notes ><![CDATA[
32
25
This CVE is declared fixed from 9.4.52, but the vuln db is not reflecting that. Suppress that specific version until
33
26
db is updated.
37
30
<
packageUrl regex =
" true" >^pkg:maven/org\.eclipse\.jetty/jetty\
[email protected] \..*$</
packageUrl >
38
31
<vulnerabilityName >CVE-2023-36479</vulnerabilityName >
39
32
</suppress >
40
- <suppress until =" 2023-11-30Z " >
33
+ <suppress until =" 2023-12-31Z " >
41
34
<notes ><![CDATA[
42
35
file name: jackson-databind-2.15.2.jar
43
36
]]> </notes >
You can’t perform that action at this time.
0 commit comments