Package URl
pkg:maven/rubygems/jruby-openssl@0.14.2
CPE
cpe:2.3:a:rubygems:rubygems:0.14.2:*:*:*:*:*:*:*
CVE
No response
ODC Integration
{"label"=>"Gradle Plugin"}
ODC Version
9.0.1
Description
9.0.x seems to create a new false positive here that doesn't exist on 8.x. JRuby is a rubygem, but is not rubygems itself.
Might need to see if this happens to other maven-stored rubygems due to the name, it's possible a common suppression for pkg:maven/rubygems/.*@.* is needed for the CPE?
Package URl
pkg:maven/rubygems/jruby-openssl@0.14.2
CPE
cpe:2.3:a:rubygems:rubygems:0.14.2:*:*:*:*:*:*:*CVE
No response
ODC Integration
{"label"=>"Gradle Plugin"}
ODC Version
9.0.1
Description
9.0.x seems to create a new false positive here that doesn't exist on 8.x. JRuby is a rubygem, but is not rubygems itself.
Might need to see if this happens to other maven-stored rubygems due to the name, it's possible a common suppression for
pkg:maven/rubygems/.*@.*is needed for the CPE?