DependencyCheck [FP]: graphql-java-tools-13.0.0.jar flagged with cpe:2.3:a:graphql-java_project:graphql-java:13.0.0:*:*:*:*:*:*:*

[FP]: graphql-java-tools-13.0.0.jar flagged with cpe:2.3:a:graphql-java_project:graphql-java:13.0.0:::::::*

Open cmuchinsky opened this issue 2 years ago • 1 comments

Package URl

pkg:maven/com.graphql-java-kickstart/[email protected]

CPE

cpe:2.3:a:graphql-java_project:graphql-java:13.0.0:::::::*

CVE

CVE-2022-37734

ODC Integration

{"label"=>"Gradle Plugin"}

ODC Version

7.1.2

Description

graphql-java-tools-13.0.0.jar flagged with cpe:2.3:a:graphql-java_project:graphql-java:13.0.0:::::::*

Sep 15 '22 10:09 cmuchinsky

Maven Coordinates

<dependency>
   <groupId>com.graphql-java-kickstart</groupId>
   <artifactId>graphql-java-tools</artifactId>
   <version>13.0.0</version>
</dependency>

Suppression rule:

<suppress base="true">
   <notes><![CDATA[
   FP per issue #4854
   ]]></notes>
   <packageUrl regex="true">^pkg:maven/com\.graphql-java-kickstart/graphql-java-tools@.*$</packageUrl>
   <cpe>cpe:/a:graphql-java_project:graphql-java</cpe>
</suppress>

Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/3059572956

Sep 15 '22 10:09 github-actions[bot]

approved

Sep 20 '22 18:09 aikebah

Suppress rule has been added to the generatedSuppressions branch.

Sep 20 '22 18:09 github-actions[bot]

DependencyCheck DependencyCheck copied to clipboard

[FP]: graphql-java-tools-13.0.0.jar flagged with cpe:2.3:a:graphql-java_project:graphql-java:13.0.0:*:*:*:*:*:*:*

Package URl

CPE

CVE

ODC Integration

ODC Version

Description

DependencyCheck
DependencyCheck copied to clipboard

[FP]: graphql-java-tools-13.0.0.jar flagged with cpe:2.3:a:graphql-java_project:graphql-java:13.0.0:::::::*