summaryrefslogtreecommitdiffhomepage
path: root/android/config
AgeCommit message (Collapse)AuthorFilesLines
2022-12-13Set CVE suppression expiration to 2023-05-01Albin1-8/+8
2022-12-13Suppress CVE-2022-3510Albin1-0/+1
2022-12-08Suppress test framework CVEsAlbin1-0/+40
CVEs: - CVE-2020-8908 - CVE-2021-37714 - CVE-2022-36033
2022-12-08Update suppression of CVE-2022-3171Albin1-1/+14
2022-12-08Update suppression of CVE-2021-22569Albin1-3/+5
2022-12-08Remove suppression of CVE-2022-24329Albin1-6/+0
This CVE has been fixed upstream.
2022-12-08Suppress CVE-2021-37533Albin1-0/+15
This CVE affects the Apache Commons Net's FTP client that this app doesn't use. https://www.openwall.com/lists/oss-security/2022/12/03/1 File names: - commons-beanutils-1.9.4.jar - commons-collections-3.2.2.jar - commons-digester-2.1.jar - commons-logging-1.2.jar - commons-validator-1.7.jar
2022-10-07Suppress CVE-2022-3171 from automatic audit checksAlbin1-0/+7
This suppression only affects the Android app. The CVE will instead be tracked externally and will likely be mitigated by either updating affected dependencies or by identifying that it doesn't affect the app.
2022-06-15Suppress false positive CVE-2021-22569Albin1-0/+8
2022-03-09Suppress false positive Android CVEAlbin1-0/+9
The CVE (CVE-2022-24329) only affects "Multiplatform Gradle Projects" according to the CVE description, which this is not, and therefore it's considered a false positive.