Skip to content

Commit

Permalink
updated CVE list for log4j-api and log4j-web suppression
Browse files Browse the repository at this point in the history
  • Loading branch information
@jeremylong
jeremylong committed Dec 21, 2021
1 parent 22420bc commit 229f36d
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions core/src/main/resources/dependencycheck-base-suppression.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,8 @@
]]></notes>
<packageUrl regex="true">^pkg:maven/org\.apache\.logging\.log4j/log4j\-(api|web)@.*$</packageUrl>
<cve>CVE-2021-44228</cve>
<cve>CVE-2021-45046</cve>
<cve>CVE-2021-45105</cve>
</suppress>
<suppress base="true">
<notes><![CDATA[
Expand Down

0 comments on commit 229f36d

Please sign in to comment.