-
Notifications
You must be signed in to change notification settings - Fork 1
/
Copy pathowasp-suppress.xml
21 lines (21 loc) · 1.14 KB
/
owasp-suppress.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<!-- Suppress only if you are not using Databinder -->
<suppress>
<notes><![CDATA[file name: spring-core-6.1.11.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring-core@.*$</packageUrl>
<cve>CVE-2024-38820</cve>
</suppress>
<!-- Suppress only if you are not parsing ETags from If-Match or If-None-Match headers -->
<suppress>
<notes><![CDATA[file name: spring-web-6.1.11.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring-web@.*$</packageUrl>
<vulnerabilityName>CVE-2024-38809</vulnerabilityName>
</suppress>
<!-- Suppress only if you are using Tomcat or Jetty to run the application, or using the Spring Security firewall -->
<suppress>
<notes><![CDATA[file name: spring-webmvc-6.1.11.jar]]></notes>
<packageUrl regex="true">^pkg:maven/org\.springframework/spring-webmvc@.*$</packageUrl>
<vulnerabilityName>CVE-2024-38816</vulnerabilityName>
</suppress>
</suppressions>