forked from finos/symphony-wdk
-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathallow-list.xml
77 lines (77 loc) · 2.28 KB
/
allow-list.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes><![CDATA[
Dependency coming from spotbug gradle plugin only.
]]></notes>
<gav>org.apache.bcel:bcel:6.5.0</gav>
<cve>CVE-2022-42920</cve>
</suppress>
<suppress>
<notes><![CDATA[
Dependency coming from checkstyle gradle plugin only.
]]></notes>
<gav>com.google.guava:guava:31.1-jre</gav>
<cve>CVE-2020-8908</cve>
</suppress>
<suppress>
<notes><![CDATA[
Dependency coming from checkstyle gradle plugin only.
]]></notes>
<gav>com.google.guava:guava:29.0-jre</gav>
<cve>CVE-2020-8908</cve>
</suppress>
<suppress>
<notes><![CDATA[
Already latest version, to fix later
]]></notes>
<gav>com.h2database:h2:2.1.214</gav>
<cve>CVE-2022-45868</cve>
<cve>CVE-2018-14335</cve>
</suppress>
<suppress>
<notes><![CDATA[
Already latest version, to fix later
]]></notes>
<gav>org.yaml:snakeyaml:1.31</gav>
<cve>CVE-2022-1471</cve>
<cve>CVE-2022-38751</cve>
<cve>CVE-2022-38752</cve>
<cve>CVE-2022-41854</cve>
</suppress>
<suppress>
<notes><![CDATA[
No fix available
]]></notes>
<gav>org.yaml:snakeyaml:1.33</gav>
<cve>CVE-2022-1471</cve>
</suppress>
<suppress>
<notes><![CDATA[
No fix available
]]></notes>
<gav>org.springframework:spring-web:5.3.26</gav>
<cve>CVE-2016-1000027</cve>
</suppress>
<suppress>
<notes><![CDATA[
No fix available
]]></notes>
<gav>org.springframework:spring-expression:5.3.26</gav>
<cve>CVE-2023-20863</cve>
</suppress>
<suppress>
<notes><![CDATA[
Dependency not found in the dependency analyzer, no idea where it is found
]]></notes>
<gav>org.testng:testng:7.5</gav>
<cve>CVE-2022-4065</cve>
</suppress>
<suppress>
<notes><![CDATA[
No fix available
]]></notes>
<gav>net.minidev:json-smart:2.4.8</gav>
<cve>CVE-2023-1370</cve>
</suppress>
</suppressions>