[FP]: False positive findings in Dependency Checker for Oracle Database server

[va699]

Package URl

/tmp/src/jars_archive.tar.gz/jars_archive.tar/var/TimesTen/TT/SDP5_5976/TT1814381Linux8664/lib/orai18n.jar

CPE

cpe:2.3:a:oracle:text:18c:::::::*

CVE

CVE-2021-2045

ODC Integration

{"label" => "Docker"}

ODC Version

12.1.0

Description

This vulnerability is specific to Oracle Database Server
Tool is reporting this vulnerability on TimesTen in-memory databse. Although this vulnerability is specific to Oracle Database Server
Product does not include Oracle Database Server
Timesten in memory DB is also not a dependency of Oracle Database Server

CVE-2021-2045
CVE-2020-14734

[github-actions]

Error parsing package url: /tmp/src/jars_archive.tar.gz/jars_archive.tar/var/TimesTen/TT/SDP5_5976/TT1814381Linux8664/lib/orai18n.jar.

Error: Error: Invalid purl: missing required "pkg" scheme component

Please correct the package URL - consider copying the package url from the HTML report.

[github-actions]

Failed to automatically evaluate the false positive. See: https://github.com/dependency-check/DependencyCheck/actions/runs/17032833325

[github-actions]

Error parsing package url: /tmp/src/jars_archive.tar.gz/jars_archive.tar/var/TimesTen/TT/SDP5_5976/TT1814381Linux8664/lib/orai18n.jar.

Error: Error: Invalid purl: missing required "pkg" scheme component

Please correct the package URL - consider copying the package url from the HTML report.

[github-actions]

Failed to automatically evaluate the false positive. See: https://github.com/dependency-check/DependencyCheck/actions/runs/17037513922

[github-actions]

Error parsing package url: /tmp/src/jars_archive.tar.gz/jars_archive.tar/var/TimesTen/TT/SDP5_5976/TT1814381Linux8664/lib/orai18n.jar.

Error: Error: Invalid purl: missing required "pkg" scheme component

Please correct the package URL - consider copying the package url from the HTML report.

[github-actions]

Failed to automatically evaluate the false positive. See: https://github.com/dependency-check/DependencyCheck/actions/runs/17037579844

[github-actions]

Error parsing package url: /tmp/src/jars_archive.tar.gz/jars_archive.tar/var/TimesTen/TT/SDP5_5976/TT1814381Linux8664/lib/orai18n.jar.

Error: Error: Invalid purl: missing required "pkg" scheme component

Please correct the package URL - consider copying the package url from the HTML report.

[github-actions]

Failed to automatically evaluate the false positive. See: https://github.com/dependency-check/DependencyCheck/actions/runs/17037590159