Ignore CVE-2018-8088 related to slf4j ext

master
Andrew DeMaria 6 years ago
parent 77ca475fbe
commit ee4cb71052
No known key found for this signature in database
GPG Key ID: 0A3F5E91F8364EDF
  1. 5
      airsonic-main/cve-suppressed.xml

@ -149,4 +149,9 @@
<gav regex="true">^javax\.xml\.stream:stax.*$</gav> <gav regex="true">^javax\.xml\.stream:stax.*$</gav>
<cve>CVE-2017-16224</cve> <cve>CVE-2017-16224</cve>
</suppress> </suppress>
<suppress>
<notes><![CDATA[We do not use slf4j ext]]></notes>
<gav regex="true">.*slf4j.*</gav>
<cve>CVE-2018-8088</cve>
</suppress>
</suppressions> </suppressions>

Loading…
Cancel
Save