libre.sh/keycloak-scim
2
0
Fork 0
Code Issues 14 Pull requests Releases Packages Activity Actions 6

Suppress Snyk warnings about WildFly Elytron

Browse source 
Resolves #11277
This commit is contained in:
Bruno Oliveira da Silva 2022-04-13 09:28:32 -03:00
parent ed79c2a861
commit 1661a4ecc7
1 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
.github/snyk/.snyk vendored
View file

@ -28,6 +28,16 @@ ignore:
The expiry date was set as a reminder for us to upgrade, once they The expiry date was set as a reminder for us to upgrade, once they
provide the fix. provide the fix.
expires: 2022-05-31T00:00:00.000Z expires: 2022-05-31T00:00:00.000Z
SNYK-JAVA-ORGWILDFLYSECURITY-1316682:
- "*":
reason: >
WildFly Elytron was upgraded and Keycloak is no longer affected
by CVE-2021-3642. The issue was fixed on Elytron 1.10.14.Final,
1.15.5.Final and 1.16.1.Final last year. More details:
- https://issues.redhat.com/browse/ELY-2147
- https://nvd.nist.gov/vuln/detail/CVE-2021-3642
- https://github.com/keycloak/keycloak/pull/11250
- https://github.com/keycloak/keycloak/pull/11197
# License warnings # License warnings
snyk:lic:maven:org.eclipse.sisu:org.eclipse.sisu.plexus:EPL-1.0: snyk:lic:maven:org.eclipse.sisu:org.eclipse.sisu.plexus:EPL-1.0: