fixed bug allowing more then a single vulnerability to be removed

Former-commit-id: aa2e87885e7a3ddc4947a81c3c3e104630630e23
2026-01-15 16:23:37 +01:00 · 2013-12-02 09:09:16 -05:00
parent 7eb82f2e84
commit 39c1624d42
1 changed files with 2 additions and 2 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java
@@ -264,8 +264,8 @@ public class SuppressionRule {
        }
        if (hasCve() || hasCwe() || hasCvssBelow()) {
            final Iterator<Vulnerability> itr = dependency.getVulnerabilities().iterator();
-            boolean remove = false;
-            while (!remove && itr.hasNext()) {
+            while (itr.hasNext()) {
+                boolean remove = false;
                final Vulnerability v = itr.next();
                for (String entry : this.cve) {
                    if (entry.equalsIgnoreCase(v.getName())) {