Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

False Positive on Microsoft.AspNet.FriendlyUrls.Core #2686

Closed
christopher-gill opened this issue Jun 29, 2020 · 2 comments
Closed

False Positive on Microsoft.AspNet.FriendlyUrls.Core #2686

christopher-gill opened this issue Jun 29, 2020 · 2 comments
Labels
FP Report
Milestone
6.0.3

Comments

@christopher-gill
Copy link

christopher-gill commented Jun 29, 2020
edited by jeremylong

False positive on Microsoft.AspNet.FriendlyUrls.Core - reported as cpe:2.3:a:microsoft:asp.net:*:*:*:*:*:*:*:*

Location to download package: https://www.nuget.org/packages/Microsoft.AspNet.FriendlyUrls.Core/

I think this may be a false positive as I have been unable to find any refrences to it being vulnerable, similarly when running audit.net & safenuget they do not report it to be vulnerable
@jeremylong jeremylong changed the title False Positive on [library] False Positive on Microsoft.AspNet.FriendlyUrls.Core Oct 3, 2020
jeremylong added a commit that referenced this issue Nov 2, 2020
@jeremylong
fp identified while testing #2686
d92655c
@jeremylong
Copy link
Owner

In testing with 6.0.3-SNAPSHOT - these FP appear to be resolved. I did add a rule for another library while researching the reported FP. Thanks!

@jeremylong jeremylong added this to the 6.0.3 milestone Nov 2, 2020
@christopher-gill
Copy link
Author

Brilliant thanks @jeremylong

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
FP Report
Projects
None yet
Milestone
6.0.3
Development

No branches or pull requests
2 participants
@jeremylong @christopher-gill