[FP]: flexmark-ext-macros-0.62.2.jar flagged with cpe:2.3:a:processing:processing:0.62.2:*:*:*:*:*:*:*

jeremylong / DependencyCheck

OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.

https://owasp.org/www-project-dependency-check/

Apache License 2.0

6.44k stars 1.28k forks source link

[FP]: flexmark-ext-macros-0.62.2.jar flagged with cpe:2.3:a:processing:processing:0.62.2:::::::* #4727

Closed cmuchinsky closed 2 years ago

cmuchinsky commented 2 years ago

Package URl

pkg:maven/com.vladsch.flexmark/flexmark-ext-macros@0.62.2

CPE

cpe:2.3:a:processing:processing:0.62.2:::::::*

CVE

CVE-2018-1000840

ODC Integration

{"label"=>"Gradle Plugin"}

ODC Version

7.1.1

Description

flexmark-ext-macros-0.62.2.jar flagged with cpe:2.3:a:processing:processing:0.62.2:::::::*

github-actions[bot] commented 2 years ago

Maven Coordinates

<dependency>
   <groupId>com.vladsch.flexmark</groupId>
   <artifactId>flexmark-ext-macros</artifactId>
   <version>0.62.2</version>
</dependency>

Suppression rule:

<suppress base="true">
   <notes><![CDATA[
   FP per issue #4727
   ]]></notes>
   <packageUrl regex="true">^pkg:maven/com\.vladsch\.flexmark/flexmark-ext-macros@.*$</packageUrl>
   <cpe>cpe:/a:processing:processing</cpe>
</suppress>

Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/2789661951

aikebah commented 2 years ago

approved