add OWASP suppression for CVE-2023-51074

FraunhoferIOSB · Jan 9, 2024 · 8edd432 · 8edd432
1 parent 6828e1a
commit 8edd432
Showing 1 changed file with 5 additions and 0 deletions.
diff --git a/owaspSuppressions.xml b/owaspSuppressions.xml
@@ -24,4 +24,9 @@
 		<cve>CVE-2016-4570</cve>
 		<cve>CVE-2016-4571</cve>
 	</suppress>
+	<suppress>
+		<notes><![CDATA[Is not relevant in FA³ST Service is JSON path expressions are only provided by the administrator of the system and not at run-time from user input]]></notes>
+		<packageUrl regex="true">^pkg:maven/com\.jayway\.jsonpath/json\-path@.*$</packageUrl>
+		<vulnerabilityName>CVE-2023-51074</vulnerabilityName>
+	</suppress>
 </suppressions>