CVE-2022-45688 Ignore false possitive

Consensys · Mar 27, 2023 · a064eb9 · a064eb9
1 parent d49f8fc
commit a064eb9
Show file tree

Hide file tree

Showing 2 changed files with 23 additions and 2 deletions.
diff --git a/build.gradle b/build.gradle
@@ -18,8 +18,8 @@ ext {
   slf4jVersion = "1.7.36"
   logbackVersion = "1.2.11"
   hk2Version = "3.0.2"
-  jacksonVersion = "2.14.1";
-  jacksonDatabindVersion = "2.14.1";
+  jacksonVersion = "2.14.2"
+  jacksonDatabindVersion = "2.14.2"
 }
 
 allprojects {

diff --git a/cvss-suppressions.xml b/cvss-suppressions.xml
@@ -56,4 +56,25 @@
    ]]></notes>
         <cve>CVE-2021-4277</cve>
     </suppress>
+    <suppress>
+        <notes><![CDATA[
+   file name: jakarta.json-2.0.1-module.jar
+   ]]></notes>
+        <packageUrl regex="true">^pkg:maven/org\.glassfish/jakarta\.json@.*$</packageUrl>
+        <cve>CVE-2022-45688</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+   file name: jsonp-jaxrs-2.0.1.jar
+   ]]></notes>
+        <packageUrl regex="true">^pkg:maven/org\.glassfish/jsonp-jaxrs@.*$</packageUrl>
+        <cve>CVE-2022-45688</cve>
+    </suppress>
+    <suppress>
+        <notes><![CDATA[
+   file name: jakarta.json-api-2.0.1.jar
+   ]]></notes>
+        <packageUrl regex="true">^pkg:maven/jakarta\.json/jakarta\.json-api@.*$</packageUrl>
+        <cve>CVE-2022-45688</cve>
+    </suppress>
 </suppressions>