DependencyCheck
DependencyCheck copied to clipboard
jeremylong
[FP]: jackson-xc
Package URl
pkg:maven/org.codehaus.jackson/[email protected]
CPE
cpe:2.3:a:fasterxml:jackson-databind:1.9.13:::::::*
CVE
No response
ODC Integration
{"label"=>"Maven Plugin"}
ODC Version
7.1.1
Description
No response
Maven Coordinates
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-xc</artifactId>
<version>1.9.13</version>
</dependency>
Suppression rule:
<suppress base="true">
<notes><![CDATA[
FP per issue #4621
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.codehaus\.jackson/jackson-xc@.*$</packageUrl>
<cpe>cpe:/a:fasterxml:jackson-databind</cpe>
</suppress>
Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/2547462401
![github-actions[bot] avatar](https://avatars.githubusercontent.com/in/15368?v=4 "Published by a pub.dev verified publisher"){kind=small}
Maven Coordinates
<dependency>
<groupId>org.codehaus.jackson</groupId>
<artifactId>jackson-xc</artifactId>
<version>1.9.13</version>
</dependency>
Suppression rule:
<suppress base="true">
<notes><![CDATA[
FP per issue #4621
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.codehaus\.jackson/jackson-xc@.*$</packageUrl>
<cpe>cpe:/a:fasterxml:jackson-databind</cpe>
</suppress>
Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/2547520736
@tobiasstadler As a side note: Are you aware that this module has changed coordinates ages ago for version 2.x?
https://mvnrepository.com/artifact/org.codehaus.jackson/jackson-xc
Yes, I am well aware of that and I want to get rid of it. But unfortunately it is part of a client library for some external service I have to use.
Suppress rule has been added to the generatedSuppressions branch.