Merge branch 'main' of https://github.com/Cloudrisk/rune-python-generator

Author: dschwartz-ftadvisory

allow-list.xml

@@ -79,4 +79,67 @@
 	   ]]></notes>
 	   <cve>CVE-2020-15824</cve>
 	</suppress>
+   <suppress>
+      <notes><![CDATA[
+      This CVE only affects projects fetching p2 repo's over HTTP, but we use HTTPS.
+      ]]></notes>
+      <cve>CVE-2021-41033</cve>
+   </suppress>
+   <suppress>
+	  <notes><![CDATA[
+	  We are using Reload4j, which is a secure drop-in replacement for log4j.
+	  ]]></notes>
+	  <cve>CVE-2020-9493</cve>
+	</suppress>
+	<suppress>
+	   <notes><![CDATA[
+	   We are using Reload4j, which is a secure drop-in replacement for log4j.
+	   ]]></notes>
+	   <cve>CVE-2022-23307</cve>
+	</suppress>
+	<suppress>
+	   <notes><![CDATA[
+	   This CVE is not about org.junit.platform.commons. It seems the check is
+	   too loose.
+	   ]]></notes>
+	   <cve>CVE-2020-27225</cve>
+	</suppress>
+	<suppress>
+	   <notes><![CDATA[
+	   This CVE only affects projects using Xtext prior to 2.18.0.
+	   ]]></notes>
+	   <cve>CVE-2019-10249</cve>
+	</suppress>
+	<suppress>
+	   <notes><![CDATA[
+	   Calling the method `com.google.common.io.Files.createTempDir` is a vulnerability,
+	   but we do not call it.
+	   ]]></notes>
+	   <cve>CVE-2020-8908</cve>
+	</suppress>
+	<suppress>
+	   <notes><![CDATA[
+	   We are not creating SVG's with Batik of Apache XML Graphics.
+	   ]]></notes>
+	   <cve>CVE-2022-41704</cve>
+	</suppress>
+	<suppress>
+	   <notes><![CDATA[
+	   We are not creating SVG's with Batik of Apache XML Graphics.
+	   ]]></notes>
+	   <cve>CVE-2022-42890</cve>
+	</suppress>
+	<suppress>
+	   	<notes><![CDATA[
+	   This CVE is not about org.eclipse.e4.emf.xpath. It seems the check is
+	   too loose.
+	   ]]></notes>
+	   <cve>CVE-2022-41852</cve>
+	</suppress>
+	<suppress>
+	   <notes><![CDATA[
+	   This only affects milestone and RC versions, but we use a stable release.
+	   ]]></notes>
+	   <cve>CVE-2020-15824</cve>
+	</suppress>
 </suppressions>