Merge pull request #1328 from cedardevs/1327-owasp-check

1327 owasp check
cedardevs · Jul 21, 2020 · 21ca2d5 · 21ca2d5
2 parents e04dca1 + 67b3b94
commit 21ca2d5
Show file tree

Hide file tree

Showing 2 changed files with 17 additions and 1 deletion.
diff --git a/build.gradle.kts b/build.gradle.kts
@@ -338,7 +338,7 @@ subprojects {
                 if (requested.group.startsWith("org.apache.tomcat") &&
                         requested.name.contains("tomcat") &&
                         requested.version!! <= "9.0.29") {
-                    useVersion("9.0.30")
+                    useVersion("9.0.37")
                     because("Enforce tomcat 9.0.20+ to avoid vulnerabilities CVE-2019-0199, CVE-2019-0232, and CVE-2019-10072")
                 }
             }

diff --git a/owasp-suppressions.xml b/owasp-suppressions.xml
@@ -178,6 +178,22 @@
   </suppress>
 
 <!-- dev npm dependency and gradle address approach for npm checks -->
+  <suppress>
+    <notes><![CDATA[
+   file name: npm:6.14.5
+   ]]></notes>
+    <packageUrl regex="true">^pkg:npm/npm@.*$</packageUrl>
+    <vulnerabilityName>1543</vulnerabilityName>
+  </suppress>
+
+  <suppress>
+    <notes><![CDATA[
+   file name: npm-registry-fetch:4.0.4
+   ]]></notes>
+    <packageUrl regex="true">^pkg:npm/npm\-registry\-fetch@.*$</packageUrl>
+    <vulnerabilityName>1544</vulnerabilityName>
+  </suppress>
+
   <suppress>
     <notes><![CDATA[
    file name: dompurify:1.0.11