You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
"Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2"
There are also version ranges that utilize the word "through" instead of before.
SELECTvulnerability.idFROM vulnerability INNER JOIN software ONvulnerability.id=software.cveidINNER JOIN cpeEntry ONcpeEntry.id=software.cpeentryidWHERE DESCRIPTION LIKE'% before 0%'OR DESCRIPTION LIKE'% before 1%'OR DESCRIPTION LIKE'% before 2%'OR DESCRIPTION LIKE'% before 3%'OR DESCRIPTION LIKE'% before 4%'OR DESCRIPTION LIKE'% before 5%'OR DESCRIPTION LIKE'% before 6%'OR DESCRIPTION LIKE'% before 7%'OR DESCRIPTION LIKE'% before 8%'OR DESCRIPTION LIKE'% before 9%'OR DESCRIPTION LIKE'% through 0%'OR DESCRIPTION LIKE'% through 1%'OR DESCRIPTION LIKE'% through 2%'OR DESCRIPTION LIKE'% through 3%'OR DESCRIPTION LIKE'% through 4%'OR DESCRIPTION LIKE'% through 5%'OR DESCRIPTION LIKE'% through 6%'OR DESCRIPTION LIKE'% through 7%'OR DESCRIPTION LIKE'% through 8%'OR DESCRIPTION LIKE'% through 9%'GROUP BYvulnerability.idHAVINGCOUNT(DISTINCT cpeEntry.vendor)=1ANDCOUNT(DISTINCT cpeEntry.product)=1
)
Once implemented consider removing the patch for issue #534.
The text was updated successfully, but these errors were encountered:
To make dependency-check more accurate the tool should extract version ranges from the CVE text. As an example see https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-3558
"Hibernate Validator 4.1.0 before 4.2.1, 4.3.x before 4.3.2, and 5.x before 5.1.2"
There are also version ranges that utilize the word "through" instead of before.
Once implemented consider removing the patch for issue #534.
The text was updated successfully, but these errors were encountered: