OWASP suppressions and adding missing allowed licenses

This commit is contained in:
Michael Hoennig 2024-10-08 19:47:35 +02:00
parent 83d949c7da
commit 2a2d7bf186
2 changed files with 9 additions and 1 deletions

View File

@ -1,7 +1,8 @@
{
"allowedLicenses": [
{ "moduleLicense": "Apache 2.0" },
{ "moduleLicense": "Apache 2" },
{ "moduleLicense": "Apache 2.0" },
{ "moduleLicense": "Apache-2.0" },
{ "moduleLicense": "Apache License 2.0" },
{ "moduleLicense": "Apache License v2.0" },
{ "moduleLicense": "Apache License, Version 2.0" },
@ -33,6 +34,7 @@
{ "moduleLicense": "GPL2 w/ CPE" },
{ "moduleLicense": "LGPL, version 2.1"},
{ "moduleLicense": "LGPL-2.1-or-later"},
{ "moduleLicense": "MIT License" },
{ "moduleLicense": "MIT" },

View File

@ -14,4 +14,10 @@
<packageUrl regex="true">^pkg:maven/org\.pitest/pitest\-command\-line@.*$</packageUrl>
<cpe>cpe:/a:line:line</cpe>
</suppress>
<suppress>
<notes><![CDATA[
Malicious HTTP redirect in JAXB on a REST-endpoint is not that dangerous.
]]></notes>
<cve>CVE-2024-9329</cve>
</suppress>
</suppressions>