Suppress false positive match of alm-gallery-client

author Malena Ebert <malena.ebert@sonarsource.com>

Fri, 2 Oct 2020 14:31:29 +0000 (16:31 +0200)

committer sonartech <sonartech@sonarsource.com>

Mon, 5 Oct 2020 20:07:41 +0000 (20:07 +0000)
author Malena Ebert <malena.ebert@sonarsource.com>
Fri, 2 Oct 2020 14:31:29 +0000 (16:31 +0200)
committer sonartech <sonartech@sonarsource.com>
Mon, 5 Oct 2020 20:07:41 +0000 (20:07 +0000)
diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml

index f4e3114039a87cd86ed573fcd2fb6bedb1ef4434..96f7512c91fe1beca9188ba819fa94f28be54910 100644 (file)
--- a/owasp-suppressions.xml
+++ b/owasp-suppressions.xml
@@ -187,4 +187,14 @@
      <packageUrl regex="true">pkg:maven/com\.jcraft/jsch\.agentproxy\..*@0.0.7</packageUrl>
      <cve>CVE-2016-5725</cve>
    </suppress>
+
+  <suppress>
+    <notes>
+      <![CDATA[
+        file name: alm-gallery-client-1.0.2.jar will be matched to a wrong cpe string
+      ]]>
+    </notes>
+    <packageUrl regex="true">^pkg:maven/com\.sonarsource\.vsts/alm\-gallery\-client@.*$</packageUrl>
+    <cpe>cpe:/a:gallery:gallery</cpe>
+  </suppress>
  </suppressions>
author	Malena Ebert <malena.ebert@sonarsource.com>
	Fri, 2 Oct 2020 14:31:29 +0000 (16:31 +0200)
committer	sonartech <sonartech@sonarsource.com>
	Mon, 5 Oct 2020 20:07:41 +0000 (20:07 +0000)