Skip to content

Commit

Permalink
fix(fp): FP per issue #6695
Browse files Browse the repository at this point in the history
  • Loading branch information
@github-actions
github-actions[bot] committed May 28, 2024
1 parent 09a7272 commit b2052fb
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions generatedSuppressions.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1636,4 +1636,11 @@ only pkg:maven/org.clojure:clojure@.* is the CPE cpe:/a:clojure:clojure
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.lz4/lz4-java@.*$</packageUrl>
<cpe>cpe:/a:lz4_project:lz4</cpe>
</suppress>
<suppress base="true">
<notes><![CDATA[
FP per issue #6695
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.logging\.log4j/log4j-slf4j2-impl@.*$</packageUrl>
<cpe>cpe:/a:apache:log4j</cpe>

This comment has been minimized.

Sign in to view

Copy link
@volkert-fastned

volkert-fastned May 28, 2024

Contributor

@jeremylong Wrong CPE in the suppression. Of the two listed in the flagged vulnerability, I probably picked the wrong one to enter in the FP report template. This change in the suppression works for me:

<cpe>cpe:/a:log4js_project:log4js</cpe>
</suppress>

0 comments on commit b2052fb

Please sign in to comment.