Skip to content

Commit

Permalink
suppress hadoop cve
Browse files Browse the repository at this point in the history
  • Loading branch information
@LakshSingla
LakshSingla committed Nov 6, 2023
1 parent 0cc8839 commit 89bdc66
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions owasp-dependency-check-suppressions.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -760,6 +760,7 @@
<cve>CVE-2023-37475</cve> <!-- Suppressing since CVE wrongly linked to apache:avro project - https://github.com/jeremylong/DependencyCheck/issues/5843 -->
<cve>CVE-2023-39410</cve> <!-- This seems to be a legitimate vulnerability. But there is no fix as of yet in Hadoop repo -->
<cve>CVE-2023-44487</cve> <!-- Occurs in the version of Hadoop used by Jetty, but it hasn't been fixed by Hadoop yet-->
<cve>CVE-2023-36478</cve> <!-- Occurs in the version of Hadoop used by Jetty, but it hasn't been fixed by Hadoop yet-->
</suppress>
<suppress>
<!-- from extensions using hadoop-client-api, these dependencies are shaded in the jar -->
Expand Down

0 comments on commit 89bdc66

Please sign in to comment.