DependencyCheck icon indicating copy to clipboard operation
DependencyCheck copied to clipboard

Published 20 hours ago verified publisher icon jeremylong

[FP]: easyuploads reported as vaadin

Open jeremylong opened this issue 1 year ago • 3 comments

Package URl

pkg:maven/org.vaadin.addon/[email protected]

CPE

cpe:2.3:a:vaadin:vaadin:8.0.1:*:*:*:*:*:*:*

CVE

No response

ODC Integration

{"label"=>"Maven Plugin"}

ODC Version

7.1.1

Description

No response

jeremylong avatar Sep 05 '22 10:09 jeremylong

Failed to automatically evaluate the false positive. See: https://github.com/jeremylong/DependencyCheck/actions/runs/2992685756

github-actions[bot] avatar Sep 05 '22 11:09 github-actions[bot]

Failed to automatically evaluate the false positive. See: https://github.com/jeremylong/DependencyCheck/actions/runs/2992748045

github-actions[bot] avatar Sep 05 '22 11:09 github-actions[bot]

Maven Coordinates

<dependency>
   <groupId>org.vaadin.addon</groupId>
   <artifactId>easyuploads</artifactId>
   <version>8.0.1</version>
</dependency>

Suppression rule:

<suppress base="true">
   <notes><![CDATA[
   FP per issue #4806
   ]]></notes>
   <packageUrl regex="true">^pkg:maven/org\.vaadin\.addon/easyuploads@.*$</packageUrl>
   <cpe>cpe:/a:vaadin:vaadin</cpe>
</suppress>

Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/2992809228

github-actions[bot] avatar Sep 05 '22 11:09 github-actions[bot]

approved

aikebah avatar Sep 20 '22 18:09 aikebah

Suppress rule has been added to the generatedSuppressions branch.

github-actions[bot] avatar Sep 20 '22 18:09 github-actions[bot]