[FP]:Wrongly reporting vulnerability CVE-2021-41033 on org.eclipse.equinox.launcher.cocoa.macosx.x86_64

### Package URl

pkg:maven/org.eclipse.equinox/org.eclipse.equinox.launcher.cocoa.macosx.x86_64@1.1.100

### CPE

cpe:2.3:a:eclipse:equinox:1.1.100:370:*:*:*:*:*:*

### CVE

CVE-2021-41033

### ODC Integration

{"label" => "Maven Plugin"}

### ODC Version

10.0.3

### Description

The above CVE doesn't affect equinox OSGI framework at all according to https://github.com/eclipse-equinox/equinox/discussions/532#discussioncomment-8490883 and similar FP was raised previously too https://github.com/dependency-check/DependencyCheck/issues/5881

Seems like this affects only [P2](https://github.com/eclipse-equinox/p2) eclipse equinox artifacts according to this report https://bugs.eclipse.org/bugs/show_bug.cgi?id=575688 rather than OSGI [eclipse-equinox](https://github.com/eclipse-equinox/equinox)

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[FP]:Wrongly reporting vulnerability CVE-2021-41033 on org.eclipse.equinox.launcher.cocoa.macosx.x86_64 #7675

Package URl

CPE

CVE

ODC Integration

ODC Version

Description

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

[FP]:Wrongly reporting vulnerability CVE-2021-41033 on org.eclipse.equinox.launcher.cocoa.macosx.x86_64 #7675

Description

Package URl

CPE

CVE

ODC Integration

ODC Version

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions