Skip to content

Commit

Permalink
More supressions for latest Java/GraalVM CVEs (helidon-io#3835)
Browse files Browse the repository at this point in the history
  • Loading branch information
@barchetta
barchetta authored Jan 26, 2022
1 parent f7e41ab commit cad9d02
Showing 1 changed file with 78 additions and 1 deletion.
79 changes: 78 additions & 1 deletion etc/dependency-check-suppression.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -47,7 +47,7 @@

<!-- GraalVM -->
<!-- This suppresses multiple JDK CVEs related to running untrusted Java code.
These to not apply to Helidon's use of Java/GraalVM
These do not apply to Helidon's use of Java/GraalVM.
-->
<suppress>
<notes><![CDATA[
Expand Down Expand Up @@ -91,6 +91,83 @@
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21291</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21293</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21294</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21296</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21299</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21305</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21340</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21341</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21349</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21360</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21365</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: graal-sdk-21.3.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.graalvm\..*/.*@.*$</packageUrl>
<cve>CVE-2022-21366</cve>
</suppress>


<!-- junit 4 -->
Expand Down

0 comments on commit cad9d02

Please sign in to comment.