Uploaded image for project: 'Build'
  1. Build
  2. BUILD-1085

Suppress CVE mismatches about swagger-parser-safe-url-resolver

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Neutral Neutral
    • None
    • None
    • None
    • Yes 

      swagger-parser-safe-url-resolver-2.1.15.jar (pkg:maven/io.swagger.parser.v3/swagger-parser-safe-url-resolver@2.1.15, cpe:2.3:a:parse-url_project:parse-url:2.1.15:*:*:*:*:*:*:*, cpe:2.3:a:swagger:swagger-parser:2.1.15:*:*:*:*:*:*:*) : CVE-2022-2216, CVE-2022-2900, CVE-2022-0722, CVE-2022-2217, CVE-2022-2218, CVE-2022-3224

      Old CVEs concerning a js library for parsing URLs not used by Magnolia, https://github.com/IonicaBizau/parse-url

      https://nvd.nist.gov/vuln/detail/CVE-2022-2216
      https://nvd.nist.gov/vuln/detail/CVE-2022-2900
      https://nvd.nist.gov/vuln/detail/CVE-2022-0722
      https://nvd.nist.gov/vuln/detail/CVE-2022-2217
      https://nvd.nist.gov/vuln/detail/CVE-2022-2218
      https://nvd.nist.gov/vuln/detail/CVE-2022-3224

        Acceptance criteria

              fgrilli Federico Grilli
              fgrilli Federico Grilli
              Foundation
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved:
                Work Started:

                  Task DoR