From 5aa3ce34513a1e6be78f2e633baac44e2a28de73 Mon Sep 17 00:00:00 2001 From: Maytas Monsereenusorn Date: Thu, 6 May 2021 14:01:23 -0700 Subject: [PATCH 1/2] suppressing false positive CVE-2020-7791 --- owasp-dependency-check-suppressions.xml | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/owasp-dependency-check-suppressions.xml b/owasp-dependency-check-suppressions.xml index 30147fbe7b7c..30f8879bf8bd 100644 --- a/owasp-dependency-check-suppressions.xml +++ b/owasp-dependency-check-suppressions.xml @@ -157,6 +157,13 @@ ^pkg:maven/com\.nimbusds/nimbus\-jose\-jwt@4.41.1$ CVE-2019-17195 + + + ^pkg:maven/org\.apache\.directory\.server/apacheds\-i18n@2.0.0\-M15$ + CVE-2020-7791 + Date: Thu, 6 May 2021 15:21:45 -0700 Subject: [PATCH 2/2] add comments --- owasp-dependency-check-suppressions.xml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/owasp-dependency-check-suppressions.xml b/owasp-dependency-check-suppressions.xml index 30f8879bf8bd..5326442b3e46 100644 --- a/owasp-dependency-check-suppressions.xml +++ b/owasp-dependency-check-suppressions.xml @@ -158,10 +158,11 @@ CVE-2019-17195 + - ^pkg:maven/org\.apache\.directory\.server/apacheds\-i18n@2.0.0\-M15$ + ^pkg:maven/org\.apache\.directory\.server/apacheds\-i18n@.*$ CVE-2020-7791