Skip to content

False positive on org.eclipse.jetty.alpn #1515

Closed
Closed
False positive on org.eclipse.jetty.alpn#1515
Labels
FP Report
@joan38

Description

@joan38
joan38
opened on Oct 4, 2018

False positive on https://mvnrepository.com/artifact/org.eclipse.jetty.alpn/alpn-api

Identifiers

  • cpe: cpe:/a:jetty:jetty:1.1.3.v20160715 Confidence:Low suppress
  • maven: org.eclipse.jetty.alpn:alpn-api:1.1.3.v20160715 Confidence:Highest
  • cpe: cpe:/a:eclipse:jetty:1.1.3.v20160715 Confidence:Low

See comment from the author:
http4s/blaze#235 (comment)

Workaround suppression:

   <suppress>
       <notes>False-positive: it's about the implementation not the api</notes>
       <cve>CVE-2017-14798</cve>
       <cpe>cpe:/a:eclipse:jetty</cpe>
   </suppress>

Metadata

Metadata

Assignees

No one assigned

    Labels

    FP Report

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions