diff options
| author | Albin <albin@mullvad.net> | 2022-12-08 09:52:14 +0100 |
|---|---|---|
| committer | Albin <albin@mullvad.net> | 2022-12-08 15:38:36 +0100 |
| commit | 93d313aae81be30285d097bd511944f1bb6b00cb (patch) | |
| tree | c8cb016b30399641e321efa77200fd0682ffc5d4 | |
| parent | 121fa076394e2a30c5d208413bb5d439986124d4 (diff) | |
| download | mullvadvpn-93d313aae81be30285d097bd511944f1bb6b00cb.tar.xz mullvadvpn-93d313aae81be30285d097bd511944f1bb6b00cb.zip | |
Suppress test framework CVEs
CVEs:
- CVE-2020-8908
- CVE-2021-37714
- CVE-2022-36033
| -rw-r--r-- | android/config/dependency-check-suppression.xml | 40 |
1 files changed, 40 insertions, 0 deletions
diff --git a/android/config/dependency-check-suppression.xml b/android/config/dependency-check-suppression.xml index a9d3168fcf..109347ab5a 100644 --- a/android/config/dependency-check-suppression.xml +++ b/android/config/dependency-check-suppression.xml @@ -45,4 +45,44 @@ <packageUrl regex="true">^pkg:maven/commons\-.*/commons\-.*@.*$</packageUrl> <cve>CVE-2021-37533</cve> </suppress> + <suppress> + <notes><![CDATA[ + This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic + checks and tracking externally. + + File name: guava-28.2-android.jar + ]]></notes> + <packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl> + <cve>CVE-2020-8908</cve> + </suppress> + <suppress> + <notes><![CDATA[ + This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic + checks and tracking externally. + + File name: guava-28.2-android.jar + ]]></notes> + <packageUrl regex="true">^pkg:maven/com\.google\.guava/guava@.*$</packageUrl> + <cve>CVE-2020-8908</cve> + </suppress> + <suppress> + <notes><![CDATA[ + This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic + checks and tracking externally. + + File name: jsoup-1.12.2.jar + ]]></notes> + <packageUrl regex="true">^pkg:maven/org\.jsoup/jsoup@.*$</packageUrl> + <cve>CVE-2021-37714</cve> + </suppress> + <suppress> + <notes><![CDATA[ + This CVE only part of the debugAndroidTestRuntimeClasspath so suppressing in automatic + checks and tracking externally. + + File name: jsoup-1.12.2.jar + ]]></notes> + <packageUrl regex="true">^pkg:maven/org\.jsoup/jsoup@.*$</packageUrl> + <cve>CVE-2022-36033</cve> + </suppress> </suppressions> |