Skip to content

Commit

Permalink
HTM-1243: Suppress some irrelevant CVEs/CPEs in OWASP scanner (#973)
Browse files Browse the repository at this point in the history 
* HTM-1243: Suppress some irrelevant CVEs/CPEs in OWASP scanner
  • Loading branch information
@mprins
mprins authored Oct 4, 2024
1 parent d7bdef9 commit 2324a28
Showing 1 changed file with 13 additions and 0 deletions.
13 changes: 13 additions & 0 deletions build/qa/owasp-suppression.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,5 +13,18 @@ SPDX-License-Identifier: MIT
<vulnerabilityName>CVE-2022-41852</vulnerabilityName>
<vulnerabilityName>CVE-2022-40159</vulnerabilityName>
<vulnerabilityName>CVE-2022-40160</vulnerabilityName>
</suppress> <suppress>
<notes><![CDATA[
Applies to Eclipse IDE only
]]></notes>
<cve>CVE-2023-4218</cve>
</suppress>
<suppress>
<notes><![CDATA[
any prometheus-metrics-* artifacts
Applies to Prometheus (server) only
]]></notes>
<gav regex="true">io\.prometheus:prometheus-metrics-*.*</gav>
<cpe>cpe:/a:prometheus:prometheus</cpe>
</suppress>
</suppressions>

0 comments on commit 2324a28

Please sign in to comment.