third_party/android_deps/vulnerability_supressions.xml - chromium/src - Git at Google

 <?xml version="1.0" encoding="UTF-8"?>
 <suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
    <suppress until="2020-12-01Z">
       <notes><![CDATA[
       Suppress kotlin vulernability. Only affects build tools, not shipped in chrome. Packages that depend on this have yet to be updated.
       ]]></notes>
       <packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-stdlib@.*$</packageUrl>
       <cve>CVE-2020-15824</cve>
    </suppress>
    <suppress until="2020-12-01Z">
     <notes><![CDATA[
     Suppress kotlin vulernability. Only affects build tools, not shipped in chrome. Packages that depend on this have yet to be updated.
     ]]></notes>
     <packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-stdlib\-common@.*$</packageUrl>
     <cve>CVE-2020-15824</cve>
   </suppress>
   <suppress until="2021-12-01Z">
     <notes><![CDATA[
       https://nvd.nist.gov/vuln/detail/CVE-2020-8908 should not apply to all guava libraries.
       ]]></notes>
     <packageUrl regex="true">^pkg:maven/com\.google\.guava/failureaccess@.*$</packageUrl>
     <cpe>cpe:/a:google:guava</cpe>

   </suppress>
   <suppress until="2021-12-01Z">
     <notes><![CDATA[
       https://nvd.nist.gov/vuln/detail/CVE-2020-8908 should not apply to all guava libraries.
       ]]></notes>
     <packageUrl regex="true">^pkg:maven/com\.google\.guava/listenablefuture@1.0$</packageUrl>
     <cpe>cpe:/a:google:guava</cpe>

   </suppress>
 </suppressions>
	<?xml version="1.0" encoding="UTF-8"?>
	<suppressions xmlns="https://jeremylong.github.io/DependencyCheck/dependency-suppression.1.3.xsd">
	<suppress until="2020-12-01Z">
	<notes><![CDATA[
	Suppress kotlin vulernability. Only affects build tools, not shipped in chrome. Packages that depend on this have yet to be updated.
	]]></notes>
	<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-stdlib@.*$</packageUrl>
	<cve>CVE-2020-15824</cve>
	</suppress>
	<suppress until="2020-12-01Z">
	<notes><![CDATA[
	Suppress kotlin vulernability. Only affects build tools, not shipped in chrome. Packages that depend on this have yet to be updated.
	]]></notes>
	<packageUrl regex="true">^pkg:maven/org\.jetbrains\.kotlin/kotlin\-stdlib\-common@.*$</packageUrl>
	<cve>CVE-2020-15824</cve>
	</suppress>
	<suppress until="2021-12-01Z">
	<notes><![CDATA[
	https://nvd.nist.gov/vuln/detail/CVE-2020-8908 should not apply to all guava libraries.
	]]></notes>
	<packageUrl regex="true">^pkg:maven/com\.google\.guava/failureaccess@.*$</packageUrl>
	<cpe>cpe:/a:google:guava</cpe>

	</suppress>
	<suppress until="2021-12-01Z">
	<notes><![CDATA[
	https://nvd.nist.gov/vuln/detail/CVE-2020-8908 should not apply to all guava libraries.
	]]></notes>
	<packageUrl regex="true">^pkg:maven/com\.google\.guava/listenablefuture@1.0$</packageUrl>
	<cpe>cpe:/a:google:guava</cpe>

	</suppress>
	</suppressions>