Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-4478

Suppress OWASP false positives zookeeper-jute-3.8.0-SNAPSHOT.jar: CVE-2021-29425, CVE-2021-28164, CVE-2021-34429

    XMLWordPrintableJSON

Details

    Description

      While preparing a new RC for 3.8.0 today the OWASP checker started to report locally (not on jenkins) these errors:

       

       

      [ERROR] One or more dependencies were identified with vulnerabilities that have a CVSS score greater than or equal to '0.0': 
[ERROR] 
[ERROR] zookeeper-jute-3.8.0-SNAPSHOT.jar: CVE-2021-29425, CVE-2021-28164, CVE-2021-34429
[ERROR] 
[ERROR] See the dependency-check report for more details.
[ERROR] 

       

       

      Attachments

        Issue Links

          links to

          Web Link GitHub Pull Request #1824

          Activity

            People

              Unassigned Unassigned
              eolivelli Enrico Olivelli
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m