1616 -->
1717
1818<suppressions xmlns =" https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd"
19- <suppress >
20- <notes ><![CDATA[
21- This CVE only affects projects fetching p2 repo's over HTTP, but we use HTTPS.
22- ]]> </notes >
23- <cve >CVE-2021-41033</cve >
24- </suppress >
25- <suppress >
26- <notes ><![CDATA[
27- We are using Reload4j, which is a secure drop-in replacement for log4j.
28- ]]> </notes >
29- <cve >CVE-2020-9493</cve >
30- </suppress >
3119 <suppress >
32- <notes ><![CDATA[
33- We are using Reload4j, which is a secure drop-in replacement for log4j .
34- ]]> notes >
35- <cve >CVE-2022-23307 </cve >
20+ <notes ><![CDATA[
21+ This CVE only affects projects fetching p2 repo's over HTTP, but we use HTTPS .
22+ ]]> </notes >
23+ <cve >CVE-2021-41033 </cve >
3624 </suppress >
3725 <suppress >
3826 <notes ><![CDATA[
4735 ]]> </notes >
4836 <cve >CVE-2019-10249</cve >
4937 </suppress >
50- <suppress >
51- <notes ><![CDATA[
52- Calling the method `com.google.common.io.Files.createTempDir` is a vulnerability,
53- but we do not call it.
54- ]]> </notes >
55- <cve >CVE-2020-8908</cve >
56- </suppress >
57- <suppress >
58- <notes ><![CDATA[
59- We are not creating SVG's with Batik of Apache XML Graphics.
60- ]]> </notes >
61- <cve >CVE-2022-41704</cve >
62- </suppress >
63- <suppress >
64- <notes ><![CDATA[
65- We are not creating SVG's with Batik of Apache XML Graphics.
66- ]]> </notes >
67- <cve >CVE-2022-42890</cve >
68- </suppress >
69- <suppress >
70- <notes ><![CDATA[
71- This CVE is not about org.eclipse.e4.emf.xpath. It seems the check is
72- too loose.
73- ]]> </notes >
74- <cve >CVE-2022-41852</cve >
75- </suppress >
76- <suppress >
77- <notes ><![CDATA[
78- This only affects milestone and RC versions, but we use a stable release.
79- ]]> </notes >
80- <cve >CVE-2020-15824</cve >
81- </suppress >
82- <suppress >
83- <notes ><![CDATA[
84- This CVE only affects projects fetching p2 repo's over HTTP, but we use HTTPS.
85- ]]> </notes >
86- <cve >CVE-2021-41033</cve >
87- </suppress >
88- <suppress >
89- <notes ><![CDATA[
90- We are using Reload4j, which is a secure drop-in replacement for log4j.
91- ]]> </notes >
92- <cve >CVE-2020-9493</cve >
93- </suppress >
94- <suppress >
95- <notes ><![CDATA[
96- We are using Reload4j, which is a secure drop-in replacement for log4j.
97- ]]> </notes >
98- <cve >CVE-2022-23307</cve >
99- </suppress >
100- <suppress >
101- <notes ><![CDATA[
102- This CVE is not about org.junit.platform.commons. It seems the check is
103- too loose.
104- ]]> </notes >
105- <cve >CVE-2020-27225</cve >
106- </suppress >
107- <suppress >
108- <notes ><![CDATA[
109- This CVE only affects projects using Xtext prior to 2.18.0.
110- ]]> </notes >
111- <cve >CVE-2019-10249</cve >
112- </suppress >
113- <suppress >
114- <notes ><![CDATA[
115- Calling the method `com.google.common.io.Files.createTempDir` is a vulnerability,
116- but we do not call it.
117- ]]> </notes >
118- <cve >CVE-2020-8908</cve >
119- </suppress >
120- <suppress >
121- <notes ><![CDATA[
122- We are not creating SVG's with Batik of Apache XML Graphics.
123- ]]> </notes >
124- <cve >CVE-2022-41704</cve >
125- </suppress >
126- <suppress >
127- <notes ><![CDATA[
128- We are not creating SVG's with Batik of Apache XML Graphics.
129- ]]> </notes >
130- <cve >CVE-2022-42890</cve >
131- </suppress >
132- <suppress >
133- <notes ><![CDATA[
134- This CVE is not about org.eclipse.e4.emf.xpath. It seems the check is
135- too loose.
136- ]]> </notes >
137- <cve >CVE-2022-41852</cve >
138- </suppress >
139- <suppress >
140- <notes ><![CDATA[
141- This only affects milestone and RC versions, but we use a stable release.
142- ]]> </notes >
143- <cve >CVE-2020-15824</cve >
144- </suppress >
14538</suppressions >
0 commit comments