/
dependency-suppression.xml
129 lines (129 loc) · 4.89 KB
/
dependency-suppression.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
<suppress until="2024-06-30">
<notes><![CDATA[
file name: aws-android-sdk-appsync-api-3.4.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.amazonaws/aws\-android\-sdk\-appsync\-api@.*$</packageUrl>
<cve>CVE-2015-10043</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: aws-android-sdk-appsync-runtime-3.4.0.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.amazonaws/aws\-android\-sdk\-appsync\-runtime@.*$</packageUrl>
<cve>CVE-2015-10043</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: jackson-databind-2.12.7.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
<cve>CVE-2023-35116</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-analysis-intellij-1.8.10.jar (shaded: com.google.code.gson:gson:2.8.8)
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.google\.code\.gson/gson@.*$</packageUrl>
<cve>CVE-2022-25647</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-analysis-intellij-1.8.10.jar (shaded: com.google.guava:guava:31.0.1-jre)
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl>
<cve>CVE-2023-2976</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-analysis-intellij-1.8.10.jar (shaded: com.google.protobuf:protobuf-java:2.6.1)
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-java@.*$</packageUrl>
<cve>CVE-2022-3171</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-analysis-intellij-1.8.10.jar (shaded: com.google.protobuf:protobuf-java:2.6.1)
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-java@.*$</packageUrl>
<vulnerabilityName>CVE-2022-3509</vulnerabilityName>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-analysis-intellij-1.8.10.jar (shaded: com.google.protobuf:protobuf-java:2.6.1)
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-java@.*$</packageUrl>
<cve>CVE-2021-22569</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-reflect-0.11.91.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-reflect@.*$</packageUrl>
<cve>CVE-2019-10101</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-reflect-0.11.91.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-reflect@.*$</packageUrl>
<cve>CVE-2019-10102</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-reflect-0.11.91.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-reflect@.*$</packageUrl>
<cve>CVE-2019-10103</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-reflect-0.11.91.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-reflect@.*$</packageUrl>
<cve>CVE-2020-29582</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-reflect-0.11.91.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-reflect@.*$</packageUrl>
<cve>CVE-2022-24329</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: okhttp-4.3.1.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.squareup\.okhttp3/okhttp@.*$</packageUrl>
<vulnerabilityName>CVE-2021-0341</vulnerabilityName>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: woodstox-core-6.2.4.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.fasterxml\.woodstox/woodstox\-core@.*$</packageUrl>
<cve>CVE-2022-40152</cve>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: kotlin-analysis-intellij-1.8.10.jar (shaded: com.google.guava:guava:31.0.1-jre)
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl>
<vulnerabilityName>CVE-2020-8908</vulnerabilityName>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: org.eclipse.jgit-4.4.1.201607150455-r.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.eclipse\.jgit/org\.eclipse\.jgit@.*$</packageUrl>
<vulnerabilityName>CVE-2023-4759</vulnerabilityName>
</suppress>
<suppress until="2024-06-30">
<notes><![CDATA[
file name: okio-metadata-3.2.0-all.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.squareup\.okio/okio@.*$</packageUrl>
<vulnerabilityName>CVE-2023-3635</vulnerabilityName>
</suppress>
</suppressions>