other/checkstyle-rules/src/main/resources/tobago/dependency-check-suppression-for-tobago-5.x.xml - myfaces-build-tools - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd"
               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
               xsi:schemaLocation="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
   <suppress>
     <notes><![CDATA[ file name: jdom2-2.0.6.jar ]]></notes>
     <packageUrl regex="true">^pkg:maven/org\.jdom/jdom2@.*$</packageUrl>
     <cve>CVE-2021-33813</cve>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: path-parse:1.0.6 ]]></notes>
     <packageUrl regex="true">^pkg:npm/path\-parse@.*$</packageUrl>
     <cve>CVE-2021-23343</cve>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: glob-parent:6.0.0 ]]></notes>
     <packageUrl regex="true">^pkg:npm/glob\-parent@.*$</packageUrl>
     <vulnerabilityName>1751</vulnerabilityName>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: trim-newlines:4.0.1 ]]></notes>
     <packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
     <vulnerabilityName>1753</vulnerabilityName>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: trim-newlines:1.0.0 ]]></notes>
     <packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
     <cpe>cpe:/a:trim-newlines_project:trim-newlines</cpe>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: jakarta.el-api-3.0.3.jar ]]></notes>
     <packageUrl regex="true">^pkg:maven/jakarta\.el/jakarta\.el-api@.*$</packageUrl>
     <cve>CVE-2021-28170</cve>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: lodash:4.17.21 ]]></notes>
     <packageUrl regex="true">^pkg:npm/lodash@.*$</packageUrl>
     <cpe>cpe:/a:lodash:lodash</cpe>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: lodash:4.17.21 ]]></notes>
     <packageUrl regex="true">^pkg:npm/lodash@.*$</packageUrl>
     <vulnerabilityName>1002373</vulnerabilityName>
   </suppress>  <suppress>
     <notes><![CDATA[ file name: set-value:2.0.1 ]]></notes>
     <packageUrl regex="true">^pkg:npm/set\-value@.*$</packageUrl>
     <cpe>cpe:/a:set-value_project:set-value</cpe>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: set-value:3.0.2 ]]></notes>
     <packageUrl regex="true">^pkg:npm/set\-value@.*$</packageUrl>
     <cpe>cpe:/a:set-value_project:set-value</cpe>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: set-value:2.0.1 ]]></notes>
     <packageUrl regex="true">^pkg:npm/set\-value@.*$</packageUrl>
     <vulnerabilityName>1002475</vulnerabilityName>
   </suppress>
   <suppress>
     <notes><![CDATA[ file name: spring-*-5.3.*.jar ]]></notes>
     <cve>CVE-2016-1000027</cve>
   </suppress>
   <suppress>
     <!-- CVE is for linux watchman -->
     <notes><![CDATA[ file name: fb-watchman:2.0.1 ]]></notes>
     <packageUrl regex="true">^pkg:npm/fb\-watchman@.*$</packageUrl>
     <vulnerabilityName>CVE-2022-21944</vulnerabilityName>
   </suppress>
   <suppress>
     <!-- CVE was solved in 2.8.9 -->
     <notes><![CDATA[ file name: hosted-git-info:2.8.9 ]]></notes>
     <sha1>f58142bf71363f8925fecf8e1bce7f6a4e84af35</sha1>
     <vulnerabilityName>CVE-2021-23362</vulnerabilityName>
   </suppress>
   <suppress>
     <!-- CVE is for the example tomcat application -->
     <notes><![CDATA[ file name: tomcat-embed-core-9.0.64.jar ]]></notes>
     <packageUrl regex="true">^pkg:maven/org\.apache\.tomcat\.embed/tomcat\-embed\-.*@.*$</packageUrl>
     <cve>CVE-2022-34305</cve>
   </suppress>
   <suppress>
     <!-- CVE is a problem with AMS patch scripts -->
     <notes><![CDATA[ file name: log4j-api-2.17.2.jar ]]></notes>
     <packageUrl regex="true">^pkg:maven/org\.apache\.logging\.log4j/log4j\-api@.*$</packageUrl>
     <cve>CVE-2022-33915</cve>
   </suppress>
 </suppressions>
	<?xml version="1.0" encoding="UTF-8"?>
	<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xsi:schemaLocation="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
	<suppress>
	<notes><![CDATA[ file name: jdom2-2.0.6.jar ]]></notes>
	<packageUrl regex="true">^pkg:maven/org\.jdom/jdom2@.*$</packageUrl>
	<cve>CVE-2021-33813</cve>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: path-parse:1.0.6 ]]></notes>
	<packageUrl regex="true">^pkg:npm/path\-parse@.*$</packageUrl>
	<cve>CVE-2021-23343</cve>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: glob-parent:6.0.0 ]]></notes>
	<packageUrl regex="true">^pkg:npm/glob\-parent@.*$</packageUrl>
	<vulnerabilityName>1751</vulnerabilityName>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: trim-newlines:4.0.1 ]]></notes>
	<packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
	<vulnerabilityName>1753</vulnerabilityName>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: trim-newlines:1.0.0 ]]></notes>
	<packageUrl regex="true">^pkg:npm/trim\-newlines@.*$</packageUrl>
	<cpe>cpe:/a:trim-newlines_project:trim-newlines</cpe>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: jakarta.el-api-3.0.3.jar ]]></notes>
	<packageUrl regex="true">^pkg:maven/jakarta\.el/jakarta\.el-api@.*$</packageUrl>
	<cve>CVE-2021-28170</cve>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: lodash:4.17.21 ]]></notes>
	<packageUrl regex="true">^pkg:npm/lodash@.*$</packageUrl>
	<cpe>cpe:/a:lodash:lodash</cpe>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: lodash:4.17.21 ]]></notes>
	<packageUrl regex="true">^pkg:npm/lodash@.*$</packageUrl>
	<vulnerabilityName>1002373</vulnerabilityName>
	</suppress> <suppress>
	<notes><![CDATA[ file name: set-value:2.0.1 ]]></notes>
	<packageUrl regex="true">^pkg:npm/set\-value@.*$</packageUrl>
	<cpe>cpe:/a:set-value_project:set-value</cpe>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: set-value:3.0.2 ]]></notes>
	<packageUrl regex="true">^pkg:npm/set\-value@.*$</packageUrl>
	<cpe>cpe:/a:set-value_project:set-value</cpe>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: set-value:2.0.1 ]]></notes>
	<packageUrl regex="true">^pkg:npm/set\-value@.*$</packageUrl>
	<vulnerabilityName>1002475</vulnerabilityName>
	</suppress>
	<suppress>
	<notes><![CDATA[ file name: spring--5.3..jar ]]></notes>
	<cve>CVE-2016-1000027</cve>
	</suppress>
	<suppress>
	<!-- CVE is for linux watchman -->
	<notes><![CDATA[ file name: fb-watchman:2.0.1 ]]></notes>
	<packageUrl regex="true">^pkg:npm/fb\-watchman@.*$</packageUrl>
	<vulnerabilityName>CVE-2022-21944</vulnerabilityName>
	</suppress>
	<suppress>
	<!-- CVE was solved in 2.8.9 -->
	<notes><![CDATA[ file name: hosted-git-info:2.8.9 ]]></notes>
	<sha1>f58142bf71363f8925fecf8e1bce7f6a4e84af35</sha1>
	<vulnerabilityName>CVE-2021-23362</vulnerabilityName>
	</suppress>
	<suppress>
	<!-- CVE is for the example tomcat application -->
	<notes><![CDATA[ file name: tomcat-embed-core-9.0.64.jar ]]></notes>
	<packageUrl regex="true">^pkg:maven/org\.apache\.tomcat\.embed/tomcat\-embed\-.@.$</packageUrl>
	<cve>CVE-2022-34305</cve>
	</suppress>
	<suppress>
	<!-- CVE is a problem with AMS patch scripts -->
	<notes><![CDATA[ file name: log4j-api-2.17.2.jar ]]></notes>
	<packageUrl regex="true">^pkg:maven/org\.apache\.logging\.log4j/log4j\-api@.*$</packageUrl>
	<cve>CVE-2022-33915</cve>
	</suppress>
	</suppressions>