Merge branch 'main' into develop [ci skip]

cryptomator · Oct 31, 2024 · 6785e26 · 6785e26
2 parents 3672817 + 55b350a
commit 6785e26
Showing 1 changed file with 9 additions and 1 deletion.
diff --git a/suppression.xml b/suppression.xml
@@ -29,5 +29,13 @@
 		<vulnerabilityName>CVE-2020-8908</vulnerabilityName>
 		<cve>CVE-2020-8908</cve>
 	</suppress>
+	<suppress>
+   		<notes><![CDATA[
+			The project does not use the HttpURI class at all, so no decoded user data is passed to it.
+			See also https://github.com/jetty/jetty.project/security/advisories/GHSA-qh8g-58pp-2wxh.
+		]]></notes>
+   		<packageUrl regex="true">^pkg:maven/org\.eclipse\.jetty/jetty-http@.*$</packageUrl>
+   		<vulnerabilityName>CVE-2024-6763</vulnerabilityName>
+</suppress>
 
-</suppressions>
+</suppressions>