Open jubui opened 3 hours ago
Maven Coordinates
<dependency>
<groupId>org.apache.lucene</groupId>
<artifactId>lucene-codecs</artifactId>
<version>9.10.0</version>
</dependency>
Suppression rule:
<suppress base="true">
<notes><![CDATA[
FP per issue #7048
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.lucene/lucene-codecs@.*$</packageUrl>
<cpe>cpe:/a:apache:lucene</cpe>
</suppress>
Link to test results: https://github.com/jeremylong/DependencyCheck/actions/runs/11345495664
Package URl
pkg:maven/org.apache.lucene/lucene-codecs@9.10.0
CPE
cpe:2.3:a:apache:lucene:9.10.0: *:*:*:*:*:*:*
CVE
CVE-2024-45772
ODC Integration
None
ODC Version
10.0.3
Description
This applies to all lucene-codec versions, because the reported CVE is against lucene-replicator