summaryrefslogtreecommitdiffhomepage
path: root/android
diff options
context:
space:
mode:
Diffstat (limited to 'android')
-rw-r--r--android/config/dependency-check-suppression.xml16
-rw-r--r--android/test/test-suppression.xml9
2 files changed, 25 insertions, 0 deletions
diff --git a/android/config/dependency-check-suppression.xml b/android/config/dependency-check-suppression.xml
index cfc9a57563..589b5d5317 100644
--- a/android/config/dependency-check-suppression.xml
+++ b/android/config/dependency-check-suppression.xml
@@ -25,4 +25,20 @@
<packageUrl regex="true">^pkg:maven/androidx\.test\.services/storage@.*$</packageUrl>
<cve>CVE-2014-9152</cve>
</suppress>
+ <suppress until="2024-12-01Z">
+ <notes><![CDATA[
+ False-positive only affecting javascript gRPC packages.
+ ]]></notes>
+ <packageUrl regex="true">^pkg:maven/io\.grpc/protoc\-gen\-grpc\-kotlin@.*$</packageUrl>
+ <cve>CVE-2020-7768</cve>
+ </suppress>
+ <suppress until="2024-12-01Z">
+ <notes><![CDATA[
+ No impact on this app since it uses UDS rather than HTTP2.
+ ]]></notes>
+ <packageUrl regex="true">^pkg:maven/io\.grpc/.*@.*$</packageUrl>
+ <cve>CVE-2023-32732</cve>
+ <cve>CVE-2023-33953</cve>
+ <cve>CVE-2023-44487</cve>
+ </suppress>
</suppressions>
diff --git a/android/test/test-suppression.xml b/android/test/test-suppression.xml
index ef8f8c4702..fac53625c9 100644
--- a/android/test/test-suppression.xml
+++ b/android/test/test-suppression.xml
@@ -8,4 +8,13 @@
<packageUrl regex="true">^pkg:maven/androidx\.test\.services/storage@.*$</packageUrl>
<cve>CVE-2014-9152</cve>
</suppress>
+ <suppress until="2024-12-01Z">
+ <notes><![CDATA[
+ No impact on this app since it uses UDS rather than HTTP2.
+ ]]></notes>
+ <packageUrl regex="true">^pkg:maven/io\.grpc/grpc.*-stub@.*$</packageUrl>
+ <cve>CVE-2023-32732</cve>
+ <cve>CVE-2023-33953</cve>
+ <cve>CVE-2023-44487</cve>
+ </suppress>
</suppressions>
Copyright © 2025 - 2026 Wayne Cole. WTFPL. Attribution appreciated. No warranty. Not liable for bodily damages.