From 8ca6946fe636906db1c21daa2936391afd997790 Mon Sep 17 00:00:00 2001
From: Armin Schrenk <armin.schrenk@skymatic.de>
Date: Sun, 8 Mar 2026 17:58:46 +0100
Subject: [PATCH] Suppress CVE-2025-11143

Jetty is used only locally
---
 suppression.xml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/suppression.xml b/suppression.xml
index 2b351269a..bb1ff3f9b 100644
--- a/suppression.xml
+++ b/suppression.xml
@@ -99,5 +99,14 @@
 		<packageUrl regex="true">^pkg:maven/org\.purejava/flatpak-update-portal@.*$</packageUrl>
 		<cpe>cpe:/a:flatpak:flatpak</cpe>
 	</suppress>
+
+	<suppress>
+		<notes><![CDATA[
+		Jetty is used as a local server only.
+   ]]></notes>
+		<packageUrl regex="true">^pkg:maven/org\.eclipse\.jetty/jetty-.*$</packageUrl>
+		<vulnerabilityName>CVE-2025-11143</vulnerabilityName>
+		<cve>CVE-2025-11143</cve>
+	</suppress>
 	
 </suppressions>