swetan27

Results 3 comments of swetan27

False positive for tomcat-embed-el-9.0.38.jar

Yes, they are the same ones available from Maven Central

False positive for tomcat-embed-el-9.0.38.jar

After scanning with v0.10.1 the vulnerabilities related to tomcat-embed-el-9.0.38 are not being reported. But I see Jersey related vulnerabilities being reported which are also false positive. Attaching the output below:...

Anchore Engine Analysis reporting vulnerabilities in the sink and not source of the issue

@zhill - Kindly look into the issue