Closed Lars5678 closed 1 year ago
Maven Coordinates
<dependency>
<groupId>jakarta.resource</groupId>
<artifactId>jakarta.resource-api</artifactId>
<version>2.1.0</version>
</dependency>
Suppression rule:
<suppress base="true">
<notes><![CDATA[
FP per issue #5361
]]></notes>
<packageUrl regex="true">^pkg:maven/jakarta\.resource/jakarta\.resource-api@.*$</packageUrl>
<cpe>cpe:/a:payara:payara</cpe>
</suppress>
Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/3969651265
approved
Suppress rule has been added to the generatedSuppressions
branch.
Package URl
pkg:maven/jakarta.resource/jakarta.resource-api@2.1.0
CPE
cpe:2.3:a:payara:payara:2.1.0:*:*:*:*:*:*:*
CVE
CVE-2022-45129
ODC Integration
{"label"=>"Maven Plugin"}
ODC Version
7.4.4
Description
jakarta.resource-api-2.1.0 identified as Payara 2.1.0
I think because of Payara Organisation Element in jakarta.resource-api-2.1.0 pom.