mirror of https://github.com/apache/cassandra
21 lines
1.2 KiB
Plaintext
21 lines
1.2 KiB
Plaintext
# Snyk (https://snyk.io) policy file, provides ignores for known false positives.
|
|
# This file is autogenerated from .build/dependency-check-suppressions.xml
|
|
version: v1.25.0
|
|
ignore:
|
|
CVE-2023-35116:
|
|
- reason: https://issues.apache.org/jira/browse/CASSANDRA-17966 -- ^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$
|
|
CVE-2023-44487:
|
|
- reason: https://issues.apache.org/jira/browse/CASSANDRA-18943 -- ^pkg:maven/io\.netty/netty\-.*@.*$
|
|
CVE-2023-6378:
|
|
- reason: Suppressed due to internal review, see project's .build/dependency-check-suppressions.xml
|
|
CVE-2023-6481:
|
|
- reason: Suppressed due to internal review, see project's .build/dependency-check-suppressions.xml
|
|
CVE-2024-12798:
|
|
- reason: Suppressed due to internal review, see project's .build/dependency-check-suppressions.xml
|
|
CVE-2024-12801:
|
|
- reason: Suppressed due to internal review, see project's .build/dependency-check-suppressions.xml
|
|
CVE-2024-45772:
|
|
- reason: https://issues.apache.org/jira/browse/CASSANDRA-20024 -- ^pkg:maven/org\.apache\.lucene/lucene\-.*@9.7.0$
|
|
CVE-2025-25193:
|
|
- reason: https://issues.apache.org/jira/browse/CASSANDRA-20504 -- ^pkg:maven/io\.netty/netty\-.*@.*$
|