[FP]: tool is detecting a vulnerability on the basis of a product jar name which happens to be same name as of a 3PP #8019

@va699

Package URL

pkg:maven/com.XXX.YYY.ZZZ.server/[email protected]

CPE

cpe:2.3:a:webgui:webgui:1.0.15.57:*:*:*:*:*:*:*

CVE

CVE-2008-4798

ODC Integration

{"label" => "Docker"}

ODC Version

12

Description

In our product, we have an inbuilt jar with the name webgui, and dependency checker is wrongly identifying it as a 3PP with the same name, and hence finds it to be vulnerable.
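
One way to handle this kind of name collision on the consumer side, as an added example (not part of the original issue and not the project's own file): a dependency-check suppression file that ties the `webgui` CPE suppression to the in-house Maven group. The group prefix is the redacted value from the Package URL above, and the example assumes every artifact under that group is first-party.

```xml
<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
  <suppress>
    <notes><![CDATA[
      First-party jar named "webgui"; it is unrelated to the third-party
      WebGUI product that cpe:/a:webgui:webgui (CVE-2008-4798) refers to.
    ]]></notes>
    <!-- Scope: only artifacts in the in-house group. XXX.YYY.ZZZ is the
         redacted placeholder from the report; replace with the real groupId. -->
    <packageUrl regex="true">^pkg:maven/com\.XXX\.YYY\.ZZZ\.server/.*$</packageUrl>
    <!-- Suppress the mistaken CPE match rather than the CVE itself, so a
         genuine third-party webgui dependency elsewhere is still reported. -->
    <cpe>cpe:/a:webgui:webgui</cpe>
  </suppress>
</suppressions>
```

The file is passed to the scan with the `--suppression` option of the dependency-check CLI.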
