summaryrefslogtreecommitdiffhomepage
path: root/android
diff options
context:
space:
mode:
authorAlbin <albin@mullvad.net>2022-06-01 08:28:59 +0200
committerAlbin <albin@mullvad.net>2022-06-15 10:25:32 +0200
commit6ef066c9b1bde0a4ab35daf29f5656608479b5ac (patch)
tree688ba111e31d604f009e596ce7ac450458fa87bd /android
parent3b400f9d2c23c0e0a6ff61d65da4250604966951 (diff)
downloadmullvadvpn-6ef066c9b1bde0a4ab35daf29f5656608479b5ac.tar.xz
mullvadvpn-6ef066c9b1bde0a4ab35daf29f5656608479b5ac.zip
Suppress false positive CVE-2021-22569
Diffstat (limited to 'android')
-rw-r--r--android/config/dependency-check-suppression.xml8
-rw-r--r--android/e2e/e2e-suppression.xml8
2 files changed, 16 insertions, 0 deletions
diff --git a/android/config/dependency-check-suppression.xml b/android/config/dependency-check-suppression.xml
index 31c3e293ad..2efc7cff12 100644
--- a/android/config/dependency-check-suppression.xml
+++ b/android/config/dependency-check-suppression.xml
@@ -6,4 +6,12 @@
]]></notes>
<cve>CVE-2022-24329</cve>
</suppress>
+ <suppress>
+ <notes><![CDATA[
+ This CVE is a false positive as javalite isn't affected according to:
+ https://cloud.google.com/support/bulletins#gcp-2022-001
+ ]]></notes>
+ <packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-javalite@.*$</packageUrl>
+ <cve>CVE-2021-22569</cve>
+ </suppress>
</suppressions>
diff --git a/android/e2e/e2e-suppression.xml b/android/e2e/e2e-suppression.xml
index a3be14e7b4..42ee64cfcb 100644
--- a/android/e2e/e2e-suppression.xml
+++ b/android/e2e/e2e-suppression.xml
@@ -13,4 +13,12 @@
<packageUrl regex="true">^pkg:maven/androidx\.test\.services/storage@.*$</packageUrl>
<cve>CVE-2021-20291</cve>
</suppress>
+ <suppress>
+ <notes><![CDATA[
+ This CVE is a false positive as javalite isn't affected according to:
+ https://cloud.google.com/support/bulletins#gcp-2022-001
+ ]]></notes>
+ <packageUrl regex="true">^pkg:maven/com\.google\.protobuf/protobuf\-javalite@.*$</packageUrl>
+ <cve>CVE-2021-22569</cve>
+ </suppress>
</suppressions>