From cf74a4450c60c616a283ccadd96cae8410fa9e05 Mon Sep 17 00:00:00 2001 From: Lukasz Lenart Date: Mon, 22 Jan 2024 09:28:14 +0100 Subject: [PATCH] Fixes excluding Plexus container in OWASP scan --- src/etc/project-suppression.xml | 21 ++++++++------------- 1 file changed, 8 insertions(+), 13 deletions(-) diff --git a/src/etc/project-suppression.xml b/src/etc/project-suppression.xml index be1c572b18..7b2a1c5fbd 100644 --- a/src/etc/project-suppression.xml +++ b/src/etc/project-suppression.xml @@ -132,21 +132,16 @@ ^pkg:maven/org\.codehaus\.plexus/plexus\-utils@.*$ cpe:/a:plexus-utils_project:plexus-utils + CVE-2022-4244 + CVE-2022-4245 + CVE-2017-1000487 - - ^pkg:maven/org\.codehaus\.plexus/plexus\-utils@.*$ - CVE-2017-1000487 - - - - ^pkg:maven/org\.codehaus\.plexus/plexus\-utils@.*$ - Directory traversal in org.codehaus.plexus.util.Expand - - - - ^pkg:maven/org\.codehaus\.plexus/plexus\-utils@.*$ - Possible XML Injection + + ^pkg:maven/org\.codehaus\.plexus\/plexus\-container\-default@.*$ + cpe:/a:plexus-utils_project:plexus-utils + CVE-2022-4244 + CVE-2022-4245