fixed bug allowing more then a single vulnerability to be removed

Former-commit-id: fa4fcd9917323b3a0e676dc8f16e46bc4099c725
2026-01-14 07:43:40 +01:00 · 2013-12-02 09:09:16 -05:00
parent 4eb76e6da3
commit f8771adbe7
1 changed files with 2 additions and 2 deletions
--- a/dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java
+++ b/dependency-check-core/src/main/java/org/owasp/dependencycheck/suppression/SuppressionRule.java
@@ -264,8 +264,8 @@ public class SuppressionRule {
        }
        if (hasCve() || hasCwe() || hasCvssBelow()) {
            final Iterator<Vulnerability> itr = dependency.getVulnerabilities().iterator();
-            boolean remove = false;
-            while (!remove && itr.hasNext()) {
+            while (itr.hasNext()) {
+                boolean remove = false;
                final Vulnerability v = itr.next();
                for (String entry : this.cve) {
                    if (entry.equalsIgnoreCase(v.getName())) {