owasp-dep-check-suppression.xml

<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2014-3488</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2015-2156</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2019-16869</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2019-20444</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2019-20445</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2021-21290</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2021-21295</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2021-21409</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2021-37136</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2021-37137</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-tcnative-classes-2.0.46.Final.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-tcnative\-classes@.*$</packageUrl>
    <cve>CVE-2021-43797</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: commons-codec-1.11.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/commons\-codec/commons\-codec@.*$</packageUrl>
    <cve>CVE-2021-37533</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: commons-logging-1.2.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/commons\-logging/commons\-logging@.*$</packageUrl>
    <cve>CVE-2021-37533</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: utils-2.19.13.jar
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/software\.amazon\.awssdk/utils@.*$</packageUrl>
    <cve>CVE-2021-4277</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: jackson-core-2.13.5.jar
   reason: not using hutool
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-core@.*$</packageUrl>
    <cve>CVE-2022-45688</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: jackson-core-2.13.5.jar
   reason: not using json-java
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-core@.*$</packageUrl>
    <cve>CVE-2023-5072</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: netty-handler-4.1.100.Final.jar
   reason: not connecting to variable host
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/io\.netty/netty\-handler@.*$</packageUrl>
    <vulnerabilityName>CVE-2023-4586</vulnerabilityName>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: json-utils-2.21.37.jar
   reason: not using fredsmithutils
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/software\.amazon\.awssdk/json\-utils@.*$</packageUrl>
    <cve>CVE-2021-4277</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: json-utils-2.21.37.jar
   reason: hutool
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/software\.amazon\.awssdk/json\-utils@.*$</packageUrl>
    <cve>CVE-2022-45688</cve>
  </suppress>
  <suppress>
    <notes><![CDATA[
   file name: json-utils-2.21.37.jar
   reason: not using json-java
   ]]></notes>
    <packageUrl regex="true">^pkg:maven/software\.amazon\.awssdk/json\-utils@.*$</packageUrl>
    <cve>CVE-2023-5072</cve>
  </suppress>
</suppressions>