first commit

LakshSingla · Dec 8, 2023 · f271f06 · f271f06
1 parent 8a78de4
commit f271f06
Show file tree

Hide file tree

Showing 2 changed files with 9 additions and 1 deletion.
diff --git a/owasp-dependency-check-suppressions.xml b/owasp-dependency-check-suppressions.xml
@@ -847,4 +847,12 @@
     ]]></notes>
     <cve>CVE-2023-31582</cve>
   </suppress>
+
+  <!--
+  ~ CVE-2022-46337 applies to configurations using authentication for Derby and is not applicable to Druid. Also, Derby isn't a suggested
+  ~ metadata store for production clusters.
+  -->
+  <suppress>
+    <cve>CVE-2022-46337</cve>
+  </suppress>
 </suppressions>
diff --git a/pom.xml b/pom.xml
@@ -1630,7 +1630,7 @@
                 <artifactId>dependency-check-maven</artifactId>
                 <version>7.4.4</version>
                 <configuration>
-                    <failBuildOnCVSS>7</failBuildOnCVSS>
+                    <failBuildOnCVSS>9</failBuildOnCVSS>
                     <skipProvidedScope>true</skipProvidedScope>
                     <skipSystemScope>true</skipSystemScope>  <!-- avoid error when processing jdk.tools:jdk.tools:jar:1.8:system -->
                     <!-- For node analysis info, see https://github.com/jeremylong/DependencyCheck/issues/2482#issuecomment-603755623 -->