-
Notifications
You must be signed in to change notification settings - Fork 2
/
dependency-check-suppressions.xml
60 lines (60 loc) · 2.19 KB
/
dependency-check-suppressions.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress>
<notes><![CDATA[
confuses libats-metrics-akka_2.12-0.3.0-38-g6acedb6.jar with akka:0.3.0.38
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.advancedtelematic/libats\-metrics\-akka_2\.12@.*$</packageUrl>
<cpe>cpe:/a:akka:akka</cpe>
</suppress>
<suppress>
<notes><![CDATA[
confuses akka-http-circe_2.12-1.27.0.jar with akka:1.27.0
similar to https://github.com/jeremylong/DependencyCheck/issues/2050
]]></notes>
<packageUrl regex="true">^pkg:maven/de\.heikoseeberger/akka\-http\-circe_2\.12@.*$</packageUrl>
<cpe>cpe:/a:akka:akka</cpe>
</suppress>
<suppress>
<notes><![CDATA[
confuses jw-security-akka-http_2.12-0.4.5-7-g0239acb.jar with akka:0.4.5.7
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.advancedtelematic/jw\-security\-akka\-http_2\.12@.*$</packageUrl>
<cpe>cpe:/a:akka:akka</cpe>
</suppress>
<suppress>
<notes><![CDATA[
confuses libats-metrics-prometheus_2.12-0.3.0-38-g6acedb6.jar with prometheus:0.3.0.38
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.advancedtelematic/libats\-metrics\-prometheus_2\.12@.*$</packageUrl>
<cpe>cpe:/a:prometheus:prometheus</cpe>
</suppress>
<suppress>
<notes><![CDATA[
only used for ScalaDoc, not used by us
]]></notes>
<packageUrl regex="true">^pkg:javascript/jquery@.*$</packageUrl>
<cve>CVE-2012-6708</cve>
</suppress>
<suppress>
<notes><![CDATA[
only used for ScalaDoc, not used by us (https://github.com/scala/bug/issues/11567)
]]></notes>
<packageUrl regex="true">^pkg:javascript/jquery@.*$</packageUrl>
<cve>CVE-2015-9251</cve>
</suppress>
<suppress>
<notes><![CDATA[
only used for ScalaDoc, not used by us
]]></notes>
<packageUrl regex="true">^pkg:javascript/jquery@.*$</packageUrl>
<cve>CVE-2019-11358</cve>
</suppress>
<suppress>
<notes><![CDATA[
only concerns Kafka servers, not clients
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.kafka/kafka\-clients@.*$</packageUrl>
<cve>CVE-2018-17196</cve>
</suppress>
</suppressions>