owasp-suppressions.xml

<?xml version="1.0" encoding="UTF-8"?>
<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
    <suppress until="2020-03-01Z">
        <vulnerabilityName>CVE-2019-16869</vulnerabilityName>
    </suppress>
    <suppress until="2020-03-01Z">
        <vulnerabilityName>CVE-2014-3488</vulnerabilityName>
    </suppress>
    <suppress until="2020-03-01Z">
        <vulnerabilityName>CVE-2015-2156</vulnerabilityName>
    </suppress>
    <suppress until="2020-03-01Z">
        <vulnerabilityName>CVE-2008-0660</vulnerabilityName>
    </suppress>
    <suppress>
        <notes>
            We're not even USING snakeyaml
        </notes>
        <cve>CVE-2017-18640</cve>
    </suppress>
    <suppress>
        <notes>
            CVE-2008-0660 is a stack based buffer overflow vulnerability related to ActiveX and
            several image uploaders. This is unrelated to presto-parser, so marking as a false
            positive.
        </notes>
        <cve>CVE-2008-0660</cve>
    </suppress>
</suppressions>