Skip to content

Commit

Permalink
Suppress CVE-2023-35116 for jackson-databind
Browse files Browse the repository at this point in the history 
Disputed CVE that marks all versions as vulnerable - FasterXML/jackson-databind#3972
  • Loading branch information
@alifahadk
alifahadk committed Jun 27, 2023
1 parent c9cd39e commit c59f437
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions dependency-suppression/cve-suppressed.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -78,4 +78,11 @@
<cve>CVE-2022-31678</cve>
<cve>CVE-2022-31701</cve>
</suppress>
<suppress>
<notes><![CDATA[
file name: jackson-databind-*.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com.fasterxml.jackson.core/jackson-databind@.*$</packageUrl>
<cve>CVE-2023-35116</cve>
</suppress>
</suppressions>

0 comments on commit c59f437

Please sign in to comment.