cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dennis Kieselhorst"<d...@apache.org>
Subject Re: New security advisories for Apache CXF
Date Wed, 19 Apr 2017 11:30:40 GMT
> Could you file an issue with the OWasp plugin instead to remove this CVE
> from their list (if this is possible - I'm not sure how they are pulling
> down advisories)?

The plugin downloads the NVD CVE data hosted by NIST. 

So to get rid of it, the configuration pattern cpe:2.3:a:apache:cxf:-:*:*:*:*:*:*:* needs
to be changed: https://nvd.nist.gov/vuln/detail/CVE-2012-5786

No idea how to achieve that.

Regards
Dennis

Mime
View raw message