[improve][sec] Suppress etcd CVE warnings (apache#20342)

lhotari · May 18, 2023 · e53fcaa · e53fcaa
1 parent b0bb5ae
commit e53fcaa
Showing 1 changed file with 68 additions and 0 deletions.
diff --git a/src/owasp-dependency-check-suppressions.xml b/src/owasp-dependency-check-suppressions.xml
@@ -229,6 +229,74 @@
         <cve>CVE-2021-42550</cve>
     </suppress>
 
+    <!-- jetcd matched against ETCD server CVEs-->
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-api-0.7.5.jar
+       ]]></notes>
+        <sha1>861af62ae22a71d30f401a80049397fe7ff44423</sha1>
+        <cve>CVE-2020-15113</cve>
+    </suppress>
+
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-core-0.7.5.jar
+       ]]></notes>
+        <sha1>663f2ccc0ec7797954c333fa75feeb7d559948b0</sha1>
+        <cve>CVE-2020-15113</cve>
+    </suppress>
+
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-common-0.7.5.jar
+       ]]></notes>
+        <sha1>abd0ffcd4e66046057c3bfb34affc0de870a038b</sha1>
+        <cve>CVE-2020-15113</cve>
+    </suppress>
+
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-grpc-0.7.5.jar
+       ]]></notes>
+        <sha1>a2e99802fec5586daca0c4daae975fe601a057a8</sha1>
+        <cve>CVE-2017-8359</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-grpc-0.7.5.jar
+       ]]></notes>
+        <sha1>a2e99802fec5586daca0c4daae975fe601a057a8</sha1>
+        <cve>CVE-2020-15113</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-grpc-0.7.5.jar
+       ]]></notes>
+        <sha1>a2e99802fec5586daca0c4daae975fe601a057a8</sha1>
+        <cve>CVE-2020-7768</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-grpc-0.7.5.jar
+       ]]></notes>
+        <sha1>a2e99802fec5586daca0c4daae975fe601a057a8</sha1>
+        <cve>CVE-2017-7861</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-grpc-0.7.5.jar
+       ]]></notes>
+        <sha1>a2e99802fec5586daca0c4daae975fe601a057a8</sha1>
+        <cve>CVE-2017-9431</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+       file name: jetcd-grpc-0.7.5.jar
+       ]]></notes>
+        <sha1>a2e99802fec5586daca0c4daae975fe601a057a8</sha1>
+        <cve>CVE-2017-7860</cve>
+    </suppress>
+
     <!-- bouncycastle misdetections -->
     <suppress>
         <notes><![CDATA[