owasp-suppressions.xml

<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
    <suppress>
        <notes><![CDATA[
        Only applies to running Glassfish in older JDKs
   ]]></notes>
        <packageUrl regex="true">^pkg:maven/org\.glassfish\.expressly/expressly@.*$</packageUrl>
        <cve>CVE-2023-5763</cve>
    </suppress>
    <suppress>
        <notes><![CDATA[
        False positive as per https://github.com/oracle/graal/issues/8204 - shaded jar
   ]]></notes>
        <packageUrl regex="true">^pkg:maven/org\.graalvm\.shadowed/icu4j@.*$</packageUrl>
        <cve>CVE-2014-9654</cve>
        <cve>CVE-2014-9911</cve>
        <cve>CVE-2016-6293</cve>
        <cve>CVE-2016-7415</cve>
        <cve>CVE-2017-14952</cve>
        <cve>CVE-2017-17484</cve>
        <cve>CVE-2015-5922</cve>
        <cve>CVE-2020-10531</cve>
        <cve>CVE-2011-4599</cve>
        <cve>CVE-2014-7923</cve>
        <cve>CVE-2014-7926</cve>
        <cve>CVE-2014-7940</cve>
        <cve>CVE-2014-8146</cve>
        <cve>CVE-2014-8147</cve>
        <cve>CVE-2017-7867</cve>
        <cve>CVE-2017-7868</cve>
        <cve>CVE-2017-15396</cve>
        <cve>CVE-2017-15422</cve>
        <cve>CVE-2020-21913</cve>
    </suppress>

</suppressions>