Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies;
false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and
the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties,
implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided
is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever
arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.
Scan Information (
show all ):
dependency-check version : 5.3.2Report Generated On : Mon, 23 Nov 2020 19:11:09 -0500Dependencies Scanned : 530 (504 unique)Vulnerable Dependencies : 23 Vulnerabilities Found : 124Vulnerabilities Suppressed : 0... NVD CVE Checked : 2020-11-23T18:58:15NVD CVE Modified : 2020-11-23T18:00:56VersionCheckOn : 2020-11-23T18:58:15Summary Display:
Showing Vulnerable Dependencies (click to show all) Dependencies FastInfoset-1.2.18.jarDescription:
Open Source implementation of the Fast Infoset Standard for Binary XML (http://www.itu.int/ITU-T/asn1/). License:
http://www.opensource.org/licenses/apache2.0.php, http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\fastinfoset\FastInfoset\1.2.18\FastInfoset-1.2.18.jar
MD5: 4e425a456d5a9dfefcbd73c6bf5ac623
SHA1: 59b7e35fa7fca569f71b7233d691fb441b355eb7
SHA256: a0174a5d6f3071a0d1b61310135c68d23ac915428b79b9969d4c226fc692ad35
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid com.sun.xml.fastinfoset Medium Vendor pom name fastinfoset High Vendor pom parent-artifactid fastinfoset-project Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest Implementation-Vendor-Id com.sun.xml.fastinfoset Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name sun Highest Vendor jar package name xml Highest Vendor file name FastInfoset High Vendor pom artifactid FastInfoset Low Vendor jar package name fastinfoset Highest Vendor Manifest extension-name com.sun.xml.fastinfoset Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-symbolicname com.sun.xml.fastinfoset.FastInfoset Medium Vendor Manifest build-jdk-spec 11 Low Vendor pom groupid com.sun.xml.fastinfoset Highest Vendor Manifest implementation-build-id 1.2.18 - 1.2.18-RELEASE-2ac40f1 Low Vendor pom groupid sun.xml.fastinfoset Highest Product pom parent-groupid com.sun.xml.fastinfoset Medium Product jar package name org Highest Product pom name fastinfoset High Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Implementation-Title Fast Infoset Implementation High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name sun Highest Product jar package name xml Highest Product file name FastInfoset High Product jar package name fastinfoset Highest Product Manifest extension-name com.sun.xml.fastinfoset Medium Product Manifest specification-title ITU-T Rec. X.891 | ISO/IEC 24824-1 (Fast Infoset) Medium Product Manifest Bundle-Name fastinfoset Medium Product Manifest bundle-symbolicname com.sun.xml.fastinfoset.FastInfoset Medium Product pom parent-artifactid fastinfoset-project Medium Product Manifest build-jdk-spec 11 Low Product Manifest implementation-build-id 1.2.18 - 1.2.18-RELEASE-2ac40f1 Low Product pom groupid sun.xml.fastinfoset Highest Product pom artifactid FastInfoset Highest Version Manifest Bundle-Version 1.2.18 High Version Manifest implementation-build-id 1.2.18 Low Version Manifest Implementation-Version 1.2.18 High Version pom version 1.2.18 Highest Version file version 1.2.18 High
JavaEWAH-0.7.9.jarDescription:
The bit array data structure is implemented in Java as the BitSet class. Unfortunately, this fails to scale without compression.
JavaEWAH is a word-aligned compressed variant of the Java bitset class. It uses a 64-bit run-length encoding (RLE) compression scheme.
The goal of word-aligned compression is not to achieve the best compression, but rather to improve query processing time. Hence, we try to save CPU cycles, maybe at the expense of storage. However, the EWAH scheme we implemented is always more efficient storage-wise than an uncompressed bitmap (implemented in Java as the BitSet class). Unlike some alternatives, javaewah does not rely on a patented scheme. License:
Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\googlecode\javaewah\JavaEWAH\0.7.9\JavaEWAH-0.7.9.jar
MD5: 3186322b6558b126cef0e00bdbd2466c
SHA1: eceaf316a8faf0e794296ebe158ae110c7d72a5a
SHA256: fc499deb9153610f735f75817f1c177978d27a95a18e03d7d3849cfcb35abfc4
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://code.google.com/p/javaewah/ Highest Vendor Manifest bundle-symbolicname com.googlecode.javaewah.JavaEWAH Medium Vendor jar package name javaewah Highest Vendor pom artifactid JavaEWAH Low Vendor jar package name googlecode Highest Vendor pom groupid com.googlecode.javaewah Highest Vendor file name JavaEWAH High Vendor pom groupid googlecode.javaewah Highest Vendor pom name JavaEWAH High Product Manifest Bundle-Name JavaEWAH Medium Product jar package name javaewah Highest Product Manifest bundle-symbolicname com.googlecode.javaewah.JavaEWAH Medium Product jar package name googlecode Highest Product file name JavaEWAH High Product pom url http://code.google.com/p/javaewah/ Medium Product pom artifactid JavaEWAH Highest Product pom groupid googlecode.javaewah Highest Product pom name JavaEWAH High Version file version 0.7.9 High Version pom version 0.7.9 Highest Version Manifest Bundle-Version 0.7.9 High
Saxon-HE-9.9.1-6.jarDescription:
The XSLT and XQuery Processor License:
Mozilla Public License Version 2.0: http://www.mozilla.org/MPL/2.0/ File Path: C:\Users\Jeremy\.m2\repository\net\sf\saxon\Saxon-HE\9.9.1-6\Saxon-HE-9.9.1-6.jar
MD5: 173398f1e38f077a0583900d99b4f5f9
SHA1: 1905b27b0e4df1ee3a0857f403f64558ef780e6f
SHA256: 00d1d0428752a245f1725293c0c0d102f735455b14028777baef42a90f3d93ec
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid net.sf.saxon Highest Vendor Manifest project-name Saxon-HE Medium Vendor jar package name net Highest Vendor pom name Saxon-HE High Vendor file name Saxon-HE High Vendor jar package name saxon Highest Vendor pom organization url http://www.saxonica.com Medium Vendor jar package name sf Highest Vendor pom organization name Saxonica High Vendor pom artifactid Saxon-HE Low Vendor pom url http://www.saxonica.com/ Highest Product Manifest project-name Saxon-HE Medium Product pom groupid net.sf.saxon Highest Product jar package name net Highest Product pom name Saxon-HE High Product file name Saxon-HE High Product jar package name saxon Highest Product jar package name sf Highest Product pom organization url http://www.saxonica.com Low Product pom organization name Saxonica Low Product pom url http://www.saxonica.com/ Medium Product pom artifactid Saxon-HE Highest Version pom version 9.9.1-6 Highest
aether-api-1.7.jarDescription:
The application programming interface for the repository system.
File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\aether\aether-api\1.7\aether-api-1.7.jarMD5: fa35448855735ad6aa16952b0efc7a4eSHA1: 0c491a637ee6795143b6708ce5f112e6a9f548f4SHA256: 1c5c5ac5e8f29aefc8faa051ffa14eccd85b9e20f4bb35dc82fba7d5da50d326Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name aether Low Vendor file name aether-api High Vendor pom name Aether :: API High Vendor jar package name sonatype Low Vendor pom groupid sonatype.aether Highest Vendor jar package name sonatype Highest Vendor jar package name repository Highest Vendor pom groupid org.sonatype.aether Highest Vendor pom parent-artifactid aether-parent Low Vendor jar package name aether Highest Vendor pom parent-groupid org.sonatype.aether Medium Vendor pom artifactid aether-api Low Product file name aether-api High Product pom name Aether :: API High Product jar package name aether Low Product pom artifactid aether-api Highest Product pom groupid sonatype.aether Highest Product jar package name sonatype Highest Product jar package name repository Highest Product pom parent-artifactid aether-parent Medium Product jar package name aether Highest Product pom parent-groupid org.sonatype.aether Medium Version pom version 1.7 Highest Version file version 1.7 High
aether-impl-1.7.jarDescription:
An implementation of the repository system.
File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\aether\aether-impl\1.7\aether-impl-1.7.jarMD5: 88f67bb92b68df022a22ca837b0ebeeeSHA1: 5cc1803eb7126f759d34007b74e6dc44e9a9fb08SHA256: 288149850d8d131763df4151f7e443fd2739e48510a6e4cfe49ca082c76130faReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name aether Low Vendor pom artifactid aether-impl Low Vendor jar package name impl Low Vendor jar package name impl Highest Vendor file name aether-impl High Vendor jar package name sonatype Low Vendor pom groupid sonatype.aether Highest Vendor pom name Aether :: Implementation High Vendor jar package name sonatype Highest Vendor pom groupid org.sonatype.aether Highest Vendor pom parent-artifactid aether-parent Low Vendor jar package name aether Highest Vendor pom parent-groupid org.sonatype.aether Medium Product jar package name aether Low Product jar package name impl Low Product jar package name impl Highest Product file name aether-impl High Product pom artifactid aether-impl Highest Product jar package name internal Low Product pom groupid sonatype.aether Highest Product pom name Aether :: Implementation High Product jar package name sonatype Highest Product pom parent-artifactid aether-parent Medium Product jar package name aether Highest Product pom parent-groupid org.sonatype.aether Medium Version pom version 1.7 Highest Version file version 1.7 High
aether-spi-1.7.jarDescription:
The service provider interface for repository system implementations and repository connectors.
File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\aether\aether-spi\1.7\aether-spi-1.7.jarMD5: ba2419eb80b2eca0c804e21b58fb3e1fSHA1: 1ea472b28d9d891d353c0311593f5e2a0e73d4beSHA256: f54a0a28ce3d62af0e1cfe41dde616f645c28e452e77f77b78bc36e74d5e1a69Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name aether Low Vendor jar package name spi Low Vendor pom name Aether :: SPI High Vendor file name aether-spi High Vendor pom artifactid aether-spi Low Vendor jar package name spi Highest Vendor jar package name sonatype Low Vendor pom groupid sonatype.aether Highest Vendor jar package name sonatype Highest Vendor pom groupid org.sonatype.aether Highest Vendor pom parent-artifactid aether-parent Low Vendor jar package name aether Highest Vendor pom parent-groupid org.sonatype.aether Medium Product pom artifactid aether-spi Highest Product jar package name aether Low Product jar package name spi Low Product pom name Aether :: SPI High Product file name aether-spi High Product jar package name connector Low Product jar package name spi Highest Product pom groupid sonatype.aether Highest Product jar package name sonatype Highest Product pom parent-artifactid aether-parent Medium Product jar package name aether Highest Product pom parent-groupid org.sonatype.aether Medium Version pom version 1.7 Highest Version file version 1.7 High
aether-util-0.9.0.M2.jarDescription:
A collection of utility classes to ease usage of the repository system.
License:
http://www.eclipse.org/legal/epl-v10.html File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\aether\aether-util\0.9.0.M2\aether-util-0.9.0.M2.jar
MD5: fc6315129d2e2063e2f2725e6337587f
SHA1: b957089deb654647da320ad7507b0a4b5ce23813
SHA256: 7d62b0fdef90196ec4b2947f5973d750bfd3935785244e77cc06780131c404e9
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.eclipse.aether Highest Vendor pom artifactid aether-util Low Vendor jar package name eclipse Highest Vendor pom name Aether Utilities High Vendor pom parent-artifactid aether Low Vendor jar package name repository Highest Vendor pom groupid eclipse.aether Highest Vendor file name aether-util High Vendor Manifest bundle-symbolicname org.eclipse.aether.util Medium Vendor Manifest bundle-docurl http://www.eclipse.org/aether/aether-util/ Low Vendor jar package name aether Highest Vendor jar package name util Highest Vendor pom parent-groupid org.eclipse.aether Medium Product pom parent-artifactid aether Medium Product jar package name eclipse Highest Product pom name Aether Utilities High Product jar package name repository Highest Product Manifest Bundle-Name Aether Utilities (Incubation) Medium Product pom groupid eclipse.aether Highest Product file name aether-util High Product Manifest bundle-symbolicname org.eclipse.aether.util Medium Product pom artifactid aether-util Highest Product Manifest bundle-docurl http://www.eclipse.org/aether/aether-util/ Low Product jar package name aether Highest Product jar package name util Highest Product pom parent-groupid org.eclipse.aether Medium Version pom version 0.9.0.M2 Highest Version Manifest Bundle-Version 0.9.0.M2 High
aether-util-1.7.jarDescription:
A collection of utility classes to ease usage of the repository system.
File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\aether\aether-util\1.7\aether-util-1.7.jarMD5: df02504fdf485555fc8bec459325d4baSHA1: 38485c9c086c3c867c2dd5371909337bd056c492SHA256: ff690ffc550b7ada3a4b79ef4ca89bf002b24f43a13a35d10195c3bba63d7654Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name aether Low Vendor pom artifactid aether-util Low Vendor jar package name util Low Vendor pom name Aether :: Utilities High Vendor jar package name sonatype Low Vendor pom groupid sonatype.aether Highest Vendor jar package name sonatype Highest Vendor jar package name repository Highest Vendor pom groupid org.sonatype.aether Highest Vendor pom parent-artifactid aether-parent Low Vendor file name aether-util High Vendor jar package name aether Highest Vendor jar package name util Highest Vendor pom parent-groupid org.sonatype.aether Medium Product jar package name aether Low Product jar package name util Low Product pom name Aether :: Utilities High Product pom groupid sonatype.aether Highest Product jar package name sonatype Highest Product jar package name repository Highest Product file name aether-util High Product pom parent-artifactid aether-parent Medium Product pom artifactid aether-util Highest Product jar package name aether Highest Product jar package name util Highest Product pom parent-groupid org.sonatype.aether Medium Version pom version 1.7 Highest Version file version 1.7 High
animal-sniffer-1.19.jarDescription:
Animal Sniffer.
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\animal-sniffer\1.19\animal-sniffer-1.19.jarMD5: 92a6e61d5fa4ba04d45f847e1ddf3f37SHA1: cc02c6aec0a36cb6295a43a22d3cce1b765d8d7dSHA256: 0a3bef9539fa5fa98390963569c8f455d34343731970bfb80a8e320b7e435e79Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mojo Low Vendor pom artifactid animal-sniffer Low Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor jar package name animal_sniffer Low Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom name Animal Sniffer High Vendor pom groupid org.codehaus.mojo Highest Vendor pom groupid codehaus.mojo Highest Vendor jar package name codehaus Low Vendor file name animal-sniffer High Vendor pom parent-artifactid animal-sniffer-parent Low Product pom groupid codehaus.mojo Highest Product jar package name mojo Low Product pom parent-artifactid animal-sniffer-parent Medium Product jar package name mojo Highest Product pom artifactid animal-sniffer Highest Product jar package name codehaus Highest Product jar package name animal_sniffer Low Product file name animal-sniffer High Product pom parent-groupid org.codehaus.mojo Medium Product pom name Animal Sniffer High Version file version 1.19 High Version pom version 1.19 Highest
animal-sniffer-annotations-1.18.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\animal-sniffer-annotations\1.18\animal-sniffer-annotations-1.18.jarMD5: f0a84f9b30590b3aa76edc893d6fe4ffSHA1: f7aa683ea79dc6681ee9fb95756c999acbb62f5dSHA256: 47f05852b48ee9baefef80fa3d8cea60efa4753c0013121dd7fe5eef2e5c729dReferenced In Project/Scope: dependency-plugin-tracker:provided
Evidence Type Source Name Value Confidence Vendor pom name Animal Sniffer Annotations High Vendor jar package name mojo Low Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor jar package name animal_sniffer Low Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor file name animal-sniffer-annotations High Vendor pom groupid codehaus.mojo Highest Vendor pom artifactid animal-sniffer-annotations Low Vendor jar package name codehaus Low Vendor pom parent-artifactid animal-sniffer-parent Low Product pom artifactid animal-sniffer-annotations Highest Product pom name Animal Sniffer Annotations High Product file name animal-sniffer-annotations High Product pom groupid codehaus.mojo Highest Product jar package name mojo Low Product pom parent-artifactid animal-sniffer-parent Medium Product jar package name ignorejrerequirement Low Product jar package name mojo Highest Product jar package name codehaus Highest Product jar package name animal_sniffer Low Product pom parent-groupid org.codehaus.mojo Medium Version file version 1.18 High Version pom version 1.18 Highest
animal-sniffer-maven-plugin-1.19.jarDescription:
Animal Sniffer Maven Plugin.
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\animal-sniffer-maven-plugin\1.19\animal-sniffer-maven-plugin-1.19.jarMD5: 993d1bb19d9e59b4ff0207bc89261d79SHA1: bd565b0e9353b17722b8a0f2d22b385a106e73deSHA256: 2330087caee0d2c4a1476563fb60c859fe6ff41984e8b0ed716bffeb043557e0Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mojo Low Vendor pom artifactid animal-sniffer-maven-plugin Low Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor jar package name animal_sniffer Low Vendor file name animal-sniffer-maven-plugin High Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor pom groupid codehaus.mojo Highest Vendor pom name Animal Sniffer Maven Plugin High Vendor jar package name maven Highest Vendor jar package name codehaus Low Vendor pom parent-artifactid animal-sniffer-parent Low Product jar package name mojo Low Product pom artifactid animal-sniffer-maven-plugin Highest Product pom parent-artifactid animal-sniffer-parent Medium Product jar package name mojo Highest Product jar package name codehaus Highest Product jar package name animal_sniffer Low Product file name animal-sniffer-maven-plugin High Product pom parent-groupid org.codehaus.mojo Medium Product pom groupid codehaus.mojo Highest Product pom name Animal Sniffer Maven Plugin High Product jar package name maven Highest Product jar package name maven Low Version file version 1.19 High Version pom version 1.19 Highest
ant-1.9.14.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\ant\ant\1.9.14\ant-1.9.14.jarMD5: b6c8e6f033547630e478de635aa3b422SHA1: e0c416f3d1f2b0867db12b58029facd6bcb3188aSHA256: 37c10bafb295aef7a8618da2ff82f0dd2d0cbe2bbbb7d5ea994ea615238bd041Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name apache Highest Vendor pom name Apache Ant Core High Vendor pom parent-artifactid ant-parent Low Vendor pom groupid org.apache.ant Highest Vendor file name ant High Vendor pom parent-groupid org.apache.ant Medium Vendor pom groupid apache.ant Highest Vendor jar package name ant Highest Vendor pom artifactid ant Low Vendor pom url http://ant.apache.org/ Highest Vendor manifest: org/apache/tools/ant/ Implementation-Vendor Apache Software Foundation Medium Product pom name Apache Ant Core High Product manifest: org/apache/tools/ant/ Implementation-Title org.apache.tools.ant Medium Product file name ant High Product pom parent-groupid org.apache.ant Medium Product pom url http://ant.apache.org/ Medium Product jar package name apache Highest Product pom parent-artifactid ant-parent Medium Product jar package name tools Highest Product pom artifactid ant Highest Product jar package name ant Highest Product pom groupid apache.ant Highest Product manifest: org/apache/tools/ant/ Specification-Title Apache Ant Medium Version file version 1.9.14 High Version pom version 1.9.14 Highest Version manifest: org/apache/tools/ant/ Implementation-Version 1.9.14 Medium
Related Dependencies ant-launcher-1.9.14.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\ant\ant-launcher\1.9.14\ant-launcher-1.9.14.jar MD5: 81cccea2c5280a4cf69c89a1f5cf20ac SHA1: 980c07e23cbf48252420689c3efa571efdc54cfb SHA256: faaf02c32f0649a2ebd146166b96a5c80cfddd3934fa0c260267e9c5be96088d pkg:maven/org.apache.ant/ant-launcher@1.9.14 Published Vulnerabilities CVE-2020-1945 suppress
Apache Ant 1.1 to 1.9.14 and 1.10.0 to 1.10.7 uses the default temporary directory identified by the Java system property java.io.tmpdir for several tasks and may thus leak sensitive information. The fixcrlf and replaceregexp tasks also copy files from the temporary directory back into the build tree allowing an attacker to inject modified source files into the build process. CWE-200 Information Exposure
CVSSv2:
Base Score: LOW (3.3) Vector: /AV:L/AC:M/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.3) Vector: /AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:N References:
Vulnerable Software & Versions: (show all )
antlr-2.7.7.jarDescription:
A framework for constructing recognizers, compilers,
and translators from grammatical descriptions containing
Java, C#, C++, or Python actions.
License:
BSD License: http://www.antlr.org/license.html File Path: C:\Users\Jeremy\.m2\repository\antlr\antlr\2.7.7\antlr-2.7.7.jar
MD5: f8f1352c52a4c6a500b597596501fc64
SHA1: 83cd2cd674a217ade95a4bb83a8a14f351f48bd0
SHA256: 88fbda4b912596b9f56e8e12e580cc954bacfb51776ecfddd3e18fc1cf56dc4c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name AntLR Parser Generator High Vendor pom artifactid antlr Low Vendor jar package name python Highest Vendor jar package name parser Highest Vendor jar package name actions Highest Vendor pom url http://www.antlr.org/ Highest Vendor jar package name antlr Highest Vendor file name antlr High Vendor jar package name antlr Low Vendor pom groupid antlr Highest Vendor jar package name java Highest Product pom name AntLR Parser Generator High Product jar package name python Highest Product pom url http://www.antlr.org/ Medium Product jar package name parser Highest Product jar package name actions Highest Product jar package name antlr Highest Product file name antlr High Product pom groupid antlr Highest Product jar package name java Highest Product pom artifactid antlr Highest Version pom version 2.7.7 Highest Version file version 2.7.7 High
antlr-runtime-3.4.jarDescription:
A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions. File Path: C:\Users\Jeremy\.m2\repository\org\antlr\antlr-runtime\3.4\antlr-runtime-3.4.jarMD5: 0e0318be407e51fdf7ba6777eabfdf73SHA1: 8f011408269a8e42b8548687e137d8eeb56df4b4SHA256: 5b7cf53b7b30b034023f58030c8147c433f2bee0fe7dec8fae6bebf3708c5a63Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://www.antlr.org Highest Vendor jar package name antlr Highest Vendor pom groupid org.antlr Highest Vendor pom parent-groupid org.antlr Medium Vendor pom name Antlr 3.4 Runtime High Vendor pom groupid antlr Highest Vendor pom artifactid antlr-runtime Low Vendor jar package name runtime Highest Vendor pom parent-artifactid antlr-master Low Vendor file name antlr-runtime High Vendor jar package name runtime Low Vendor jar package name antlr Low Product jar package name runtime Highest Product pom parent-artifactid antlr-master Medium Product file name antlr-runtime High Product pom url http://www.antlr.org Medium Product jar package name antlr Highest Product jar package name runtime Low Product pom parent-groupid org.antlr Medium Product pom name Antlr 3.4 Runtime High Product pom artifactid antlr-runtime Highest Product pom groupid antlr Highest Version pom version 3.4 Highest Version file version 3.4 High
antlr4-runtime-4.8-1.jarDescription:
The ANTLR 4 Runtime License:
http://www.antlr.org/license.html File Path: C:\Users\Jeremy\.m2\repository\org\antlr\antlr4-runtime\4.8-1\antlr4-runtime-4.8-1.jar
MD5: f348edaf475bd7c733decd080f2bb84f
SHA1: 2d0456a791f3a95916c8c23b3bea3a90eea24720
SHA256: bdcf58107ba1a499b25e3db205086767dd409d3f5ab12c90f2d429f55ec774a6
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor ANTLR High Vendor Manifest implementation-url http://www.antlr.org/runtime/antlr4-runtime Low Vendor pom name ANTLR 4 Runtime High Vendor pom parent-artifactid antlr4-master Low Vendor jar package name antlr Highest Vendor Manifest automatic-module-name org.antlr.antlr4.runtime Medium Vendor pom groupid org.antlr Highest Vendor pom parent-groupid org.antlr Medium Vendor pom groupid antlr Highest Vendor pom artifactid antlr4-runtime Low Vendor jar package name runtime Highest Vendor file name antlr4-runtime High Vendor Manifest bundle-docurl http://www.antlr.org Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor Manifest Implementation-Vendor-Id org.antlr Medium Vendor Manifest bundle-symbolicname org.antlr.antlr4-runtime Medium Product Manifest implementation-url http://www.antlr.org/runtime/antlr4-runtime Low Product pom name ANTLR 4 Runtime High Product jar package name antlr Highest Product Manifest automatic-module-name org.antlr.antlr4.runtime Medium Product Manifest Implementation-Title ANTLR 4 Runtime High Product pom parent-groupid org.antlr Medium Product pom groupid antlr Highest Product pom parent-artifactid antlr4-master Medium Product jar package name runtime Highest Product file name antlr4-runtime High Product pom artifactid antlr4-runtime Highest Product Manifest bundle-docurl http://www.antlr.org Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product Manifest Bundle-Name ANTLR 4 Runtime Medium Product Manifest bundle-symbolicname org.antlr.antlr4-runtime Medium Version Manifest Implementation-Version 4.8-1 High Version pom version 4.8-1 Highest
aopalliance-1.0.jarDescription:
AOP Alliance License:
Public Domain File Path: C:\Users\Jeremy\.m2\repository\aopalliance\aopalliance\1.0\aopalliance-1.0.jar
MD5: 04177054e180d09e3998808efa0401c7
SHA1: 0235ba8b489512805ac13a8f9ea77a1ca5ebe3e8
SHA256: 0addec670fedcd3f113c5c8091d783280d23f75e3acb841b61a9cdb079376a08
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid aopalliance Highest Vendor jar package name aop Highest Vendor pom url http://aopalliance.sourceforge.net Highest Vendor pom name AOP alliance High Vendor jar package name intercept Low Vendor pom artifactid aopalliance Low Vendor jar package name aopalliance Low Vendor jar package name aopalliance Highest Vendor file name aopalliance High Product pom groupid aopalliance Highest Product jar package name aop Highest Product pom name AOP alliance High Product pom artifactid aopalliance Highest Product jar package name intercept Low Product pom url http://aopalliance.sourceforge.net Medium Product jar package name aopalliance Highest Product file name aopalliance High Version file version 1.0 High Version pom version 1.0 Highest
asm-3.3.1.jarFile Path: C:\Users\Jeremy\.m2\repository\asm\asm\3.3.1\asm-3.3.1.jarMD5: 1ad1e8959324b0f680b8e62406955642SHA1: 1d5f20b4ea675e6fab6ab79f1cd60ec268ddc015SHA256: c2b39275f8e951bc74750080a1266cdabc39399bc5e13d642bf2d346449df7f3Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid asm Low Vendor Manifest Implementation-Vendor France Telecom R&D High Vendor pom groupid asm Highest Vendor pom name ASM Core High Vendor pom parent-artifactid asm-parent Low Vendor file name asm High Vendor jar package name asm Highest Product pom parent-artifactid asm-parent Medium Product pom artifactid asm Highest Product pom groupid asm Highest Product pom name ASM Core High Product file name asm High Product Manifest Implementation-Title ASM High Product jar package name asm Highest Version pom version 3.3.1 Highest Version file version 3.3.1 High Version Manifest Implementation-Version 3.3.1 High
asm-9.0.jarDescription:
ASM, a very small and fast Java bytecode manipulation framework License:
BSD-3-Clause: https://asm.ow2.io/license.html File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm\9.0\asm-9.0.jar
MD5: e87284e4421437854ba938179cf803e7
SHA1: af582ff60bc567c42d931500c3fdc20e0141ddf9
SHA256: 0df97574914aee92fd349d0cb4e00f3345d45b2c239e0bb50f0a90ead47888e0
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid ow2.asm Highest Vendor pom artifactid asm Low Vendor pom organization url http://www.ow2.org/ Medium Vendor pom parent-artifactid ow2 Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor jar package name asm Highest Vendor pom url http://asm.ow2.io/ Highest Vendor Manifest bundle-symbolicname org.objectweb.asm Medium Vendor pom organization name OW2 High Vendor jar package name objectweb Highest Vendor pom parent-groupid org.ow2 Medium Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor pom name asm High Vendor pom groupid org.ow2.asm Highest Vendor file name asm High Product pom groupid ow2.asm Highest Product pom organization name OW2 Low Product Manifest Implementation-Title ASM, a very small and fast Java bytecode manipulation framework High Product pom artifactid asm Highest Product Manifest Bundle-Name org.objectweb.asm Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product jar package name asm Highest Product Manifest bundle-symbolicname org.objectweb.asm Medium Product pom parent-artifactid ow2 Medium Product jar package name objectweb Highest Product pom parent-groupid org.ow2 Medium Product pom organization url http://www.ow2.org/ Low Product Manifest bundle-docurl http://asm.ow2.org Low Product pom name asm High Product file name asm High Product pom url http://asm.ow2.io/ Medium Version Manifest Implementation-Version 9.0 High Version pom version 9.0 Highest Version pom parent-version 9.0 Low Version file version 9.0 High
asm-analysis-9.0.jarDescription:
Static code analysis API of ASM, a very small and fast Java bytecode manipulation framework License:
BSD-3-Clause: https://asm.ow2.io/license.html File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm-analysis\9.0\asm-analysis-9.0.jar
MD5: daed5f6bc67ac8f01bebeca0bb72a369
SHA1: 4630afefbb43939c739445dde0af1a5729a0fb4e
SHA256: 2d46de6df856a4daac9aa534459ab7287eb80584e9109850405e5b302dc9c2a6
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid ow2.asm Highest Vendor pom organization url http://www.ow2.org/ Medium Vendor Manifest module-requires org.objectweb.asm.tree;transitive=true Low Vendor pom parent-artifactid ow2 Low Vendor jar package name analysis Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor jar package name asm Highest Vendor jar package name tree Highest Vendor pom url http://asm.ow2.io/ Highest Vendor pom organization name OW2 High Vendor jar package name objectweb Highest Vendor pom parent-groupid org.ow2 Medium Vendor pom artifactid asm-analysis Low Vendor file name asm-analysis High Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-symbolicname org.objectweb.asm.tree.analysis Medium Vendor pom groupid org.ow2.asm Highest Vendor pom name asm-analysis High Product pom groupid ow2.asm Highest Product Manifest module-requires org.objectweb.asm.tree;transitive=true Low Product pom organization name OW2 Low Product jar package name analysis Highest Product Manifest Bundle-Name org.objectweb.asm.tree.analysis Medium Product Manifest Implementation-Title Static code analysis API of ASM, a very small and fast Java bytecode manipulation framework High Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom artifactid asm-analysis Highest Product jar package name asm Highest Product jar package name tree Highest Product pom parent-artifactid ow2 Medium Product jar package name objectweb Highest Product pom parent-groupid org.ow2 Medium Product pom organization url http://www.ow2.org/ Low Product file name asm-analysis High Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest bundle-symbolicname org.objectweb.asm.tree.analysis Medium Product pom name asm-analysis High Product pom url http://asm.ow2.io/ Medium Version Manifest Implementation-Version 9.0 High Version pom version 9.0 Highest Version pom parent-version 9.0 Low Version file version 9.0 High
asm-commons-9.0.jarDescription:
Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework License:
BSD-3-Clause: https://asm.ow2.io/license.html File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm-commons\9.0\asm-commons-9.0.jar
MD5: e84f4f465fe607932af0d9ca4b31bce5
SHA1: 5a34a3a9ac44f362f35d1b27932380b0031a3334
SHA256: 1b9090acb7e67bd4ed2f2cfb002063316d79cecace237bd07cc4f7f1b302092f
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid ow2.asm Highest Vendor pom organization url http://www.ow2.org/ Medium Vendor pom parent-artifactid ow2 Low Vendor pom name asm-commons High Vendor Manifest bundle-symbolicname org.objectweb.asm.commons Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor jar package name asm Highest Vendor pom url http://asm.ow2.io/ Highest Vendor pom organization name OW2 High Vendor jar package name objectweb Highest Vendor jar package name commons Highest Vendor pom parent-groupid org.ow2 Medium Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true Low Vendor pom groupid org.ow2.asm Highest Vendor pom artifactid asm-commons Low Vendor file name asm-commons High Product pom groupid ow2.asm Highest Product pom organization name OW2 Low Product pom name asm-commons High Product Manifest Implementation-Title Usefull class adapters based on ASM, a very small and fast Java bytecode manipulation framework High Product Manifest bundle-symbolicname org.objectweb.asm.commons Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product jar package name asm Highest Product pom parent-artifactid ow2 Medium Product jar package name objectweb Highest Product jar package name commons Highest Product pom parent-groupid org.ow2 Medium Product pom organization url http://www.ow2.org/ Low Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest Bundle-Name org.objectweb.asm.commons Medium Product pom artifactid asm-commons Highest Product Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true Low Product file name asm-commons High Product pom url http://asm.ow2.io/ Medium Version Manifest Implementation-Version 9.0 High Version pom version 9.0 Highest Version pom parent-version 9.0 Low Version file version 9.0 High
asm-tree-9.0.jarDescription:
Tree API of ASM, a very small and fast Java bytecode manipulation framework License:
BSD-3-Clause: https://asm.ow2.io/license.html File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm-tree\9.0\asm-tree-9.0.jar
MD5: 3798070ed795cf4aa7efd7f63feec2a2
SHA1: 9df939f25c556b0c7efe00701d47e77a49837f24
SHA256: e2c25f332eb95861883a8568e45aac5e77d140d0fe961ae8eb9a474ec876e00d
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid ow2.asm Highest Vendor pom organization url http://www.ow2.org/ Medium Vendor pom parent-artifactid ow2 Low Vendor Manifest bundle-symbolicname org.objectweb.asm.tree Medium Vendor pom name asm-tree High Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor jar package name asm Highest Vendor jar package name tree Highest Vendor pom url http://asm.ow2.io/ Highest Vendor pom organization name OW2 High Vendor jar package name objectweb Highest Vendor pom parent-groupid org.ow2 Medium Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest module-requires org.objectweb.asm;transitive=true Low Vendor pom groupid org.ow2.asm Highest Vendor pom artifactid asm-tree Low Vendor file name asm-tree High Product pom groupid ow2.asm Highest Product pom organization name OW2 Low Product pom artifactid asm-tree Highest Product Manifest bundle-symbolicname org.objectweb.asm.tree Medium Product Manifest Bundle-Name org.objectweb.asm.tree Medium Product pom name asm-tree High Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product jar package name asm Highest Product jar package name tree Highest Product Manifest Implementation-Title Tree API of ASM, a very small and fast Java bytecode manipulation framework High Product pom parent-artifactid ow2 Medium Product jar package name objectweb Highest Product pom parent-groupid org.ow2 Medium Product pom organization url http://www.ow2.org/ Low Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest module-requires org.objectweb.asm;transitive=true Low Product pom url http://asm.ow2.io/ Medium Product file name asm-tree High Version Manifest Implementation-Version 9.0 High Version pom version 9.0 Highest Version pom parent-version 9.0 Low Version file version 9.0 High
asm-util-9.0.jarDescription:
Utilities for ASM, a very small and fast Java bytecode manipulation framework License:
BSD-3-Clause: https://asm.ow2.io/license.html File Path: C:\Users\Jeremy\.m2\repository\org\ow2\asm\asm-util\9.0\asm-util-9.0.jar
MD5: ddbcaa2262311e04a6b0560787b47da4
SHA1: 7c059a94ab5eed3347bf954e27fab58e52968848
SHA256: 2af6e7d01e0862e75193f3c01a06a689b0a245947e29f38eb683633391519bb6
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid ow2.asm Highest Vendor pom organization url http://www.ow2.org/ Medium Vendor pom parent-artifactid ow2 Low Vendor pom artifactid asm-util Low Vendor file name asm-util High Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor jar package name asm Highest Vendor pom url http://asm.ow2.io/ Highest Vendor pom organization name OW2 High Vendor jar package name objectweb Highest Vendor pom parent-groupid org.ow2 Medium Vendor Manifest bundle-docurl http://asm.ow2.org Low Vendor Manifest bundle-symbolicname org.objectweb.asm.util Medium Vendor Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true Low Vendor pom groupid org.ow2.asm Highest Vendor jar package name util Highest Vendor pom name asm-util High Product pom groupid ow2.asm Highest Product Manifest Bundle-Name org.objectweb.asm.util Medium Product pom organization name OW2 Low Product pom artifactid asm-util Highest Product Manifest Implementation-Title Utilities for ASM, a very small and fast Java bytecode manipulation framework High Product file name asm-util High Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product jar package name asm Highest Product pom parent-artifactid ow2 Medium Product jar package name objectweb Highest Product pom parent-groupid org.ow2 Medium Product pom organization url http://www.ow2.org/ Low Product Manifest bundle-docurl http://asm.ow2.org Low Product Manifest bundle-symbolicname org.objectweb.asm.util Medium Product Manifest module-requires org.objectweb.asm;transitive=true,org.objectweb.asm.tree;transitive=true,org.objectweb.asm.tree.analysis;transitive=true Low Product jar package name util Highest Product pom url http://asm.ow2.io/ Medium Product pom name asm-util High Version Manifest Implementation-Version 9.0 High Version pom version 9.0 Highest Version pom parent-version 9.0 Low Version file version 9.0 High
autolink-0.6.0.jarDescription:
Java library to extract links (URLs, email addresses) from plain text;
fast, small and smart about recognizing where links end
License:
MIT License: http://www.opensource.org/licenses/mit-license.php File Path: C:\Users\Jeremy\.m2\repository\org\nibor\autolink\autolink\0.6.0\autolink-0.6.0.jar
MD5: f2633571471a5957ee12e61b184e6219
SHA1: 3986d016a14e8c81afeec752f19af29b20e8367b
SHA256: a80be030f6386f18111cad9161c0b6983157352a1b59a59e6002172f0d321c04
Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name nibor Highest Vendor pom artifactid autolink Low Vendor file name autolink High Vendor jar package name autolink Low Vendor pom groupid org.nibor.autolink Highest Vendor pom url robinst/autolink-java Highest Vendor jar package name nibor Low Vendor jar package name autolink Highest Vendor pom groupid nibor.autolink Highest Vendor pom name autolink-java High Product jar package name nibor Highest Product file name autolink High Product pom url robinst/autolink-java High Product jar package name autolink Low Product pom artifactid autolink Highest Product jar package name autolink Highest Product pom groupid nibor.autolink Highest Product pom name autolink-java High Version file version 0.6.0 High Version pom version 0.6.0 Highest
backport-util-concurrent-3.1.jarDescription:
Dawid Kurzyniec's backport of JSR 166 License:
Public Domain: http://creativecommons.org/licenses/publicdomain File Path: C:\Users\Jeremy\.m2\repository\backport-util-concurrent\backport-util-concurrent\3.1\backport-util-concurrent-3.1.jar
MD5: 748bb0cbf4780b2e3121dc9c12e10cd9
SHA1: 682f7ac17fed79e92f8e87d8455192b63376347b
SHA256: f5759b7fcdfc83a525a036deedcbd32e5b536b625ebc282426f16ca137eb5902
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid backport-util-concurrent Highest Vendor pom organization name Dawid Kurzyniec High Vendor pom name Backport of JSR 166 High Vendor jar package name backport Highest Vendor jar package name edu Low Vendor jar package name emory Low Vendor pom organization url http://www.mathcs.emory.edu/~dawidk/ Medium Vendor file name backport-util-concurrent High Vendor jar package name mathcs Low Vendor pom artifactid backport-util-concurrent Low Vendor pom url http://backport-jsr166.sourceforge.net/ Highest Product pom groupid backport-util-concurrent Highest Product pom name Backport of JSR 166 High Product jar package name backport Highest Product jar package name emory Low Product file name backport-util-concurrent High Product pom organization url http://www.mathcs.emory.edu/~dawidk/ Low Product pom artifactid backport-util-concurrent Highest Product pom organization name Dawid Kurzyniec Low Product jar package name mathcs Low Product jar package name backport Low Product pom url http://backport-jsr166.sourceforge.net/ Medium Version file version 3.1 High Version pom version 3.1 Highest
bcel-6.2.jarDescription:
Apache Commons Bytecode Engineering Library License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\bcel\bcel\6.2\bcel-6.2.jar
MD5: f0b8a17310c039ee51d265228ed89d1c
SHA1: 2c1499b28bf2638cbdb5fa94350d41a46d2bd4e0
SHA256: d6aff83c840646b922b3658d57898bb5314af4a02d70ebf0f7db8bc46203d72e
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name bcel High Vendor Manifest automatic-module-name org.apache.bcel Medium Vendor pom artifactid bcel Low Vendor pom parent-artifactid commons-parent Low Vendor jar package name bcel Highest Vendor pom parent-groupid org.apache.commons Medium Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-bcel Low Vendor Manifest bundle-symbolicname org.apache.bcel Medium Vendor pom groupid org.apache.bcel Highest Vendor pom groupid apache.bcel Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.bcel Medium Vendor pom name Apache Commons BCEL High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom organization url http://www.apache.org/ Medium Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest implementation-url http://commons.apache.org/proper/commons-bcel Low Vendor pom organization name The Apache Software Foundation High Vendor pom url http://commons.apache.org/proper/commons-bcel Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product file name bcel High Product Manifest automatic-module-name org.apache.bcel Medium Product pom organization name The Apache Software Foundation Low Product Manifest specification-title Apache Commons BCEL Medium Product pom url http://commons.apache.org/proper/commons-bcel Medium Product jar package name bcel Highest Product pom parent-groupid org.apache.commons Medium Product Manifest bundle-docurl http://commons.apache.org/proper/commons-bcel Low Product Manifest Implementation-Title Apache Commons BCEL High Product Manifest bundle-symbolicname org.apache.bcel Medium Product pom groupid apache.bcel Highest Product pom artifactid bcel Highest Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product pom name Apache Commons BCEL High Product Manifest implementation-url http://commons.apache.org/proper/commons-bcel Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product Manifest Bundle-Name Apache Commons BCEL Medium Product pom organization url http://www.apache.org/ Low Version pom version 6.2 Highest Version Manifest Implementation-Version 6.2 High Version pom parent-version 6.2 Low Version file version 6.2 High
bsh-2.0b4.jarDescription:
BeanShell File Path: C:\Users\Jeremy\.m2\repository\org\beanshell\bsh\2.0b4\bsh-2.0b4.jarMD5: a1c60aa83c9c9a6cb2391c1c1b85eb00SHA1: a05f0a0feefa8d8467ac80e16e7de071489f0d9cSHA256: 91395c07885839a8c6986d5b7c577cd9bacf01bf129c89141f35e8ea858427b6Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid beanshell Highest Vendor jar package name org Highest Vendor pom artifactid bsh Low Vendor file name bsh High Vendor jar package name bsh Highest Vendor Manifest Implementation-Vendor Pat Niemeyer (pat@pat.net) High Vendor pom parent-groupid org.beanshell Medium Vendor Manifest specification-vendor http://www.beanshell.org/ Low Vendor pom parent-artifactid beanshell Low Vendor pom groupid org.beanshell Highest Vendor pom name BeanShell High Vendor hint analyzer vendor beanshell_project Highest Product pom groupid beanshell Highest Product pom parent-artifactid beanshell Medium Product jar package name org Highest Product file name bsh High Product pom parent-groupid org.beanshell Medium Product jar package name bsh Highest Product pom name BeanShell High Product hint analyzer product beanshell Highest Product pom artifactid bsh Highest Product Manifest specification-title BeanShell Medium Version pom version 2.0b4 Highest
Published Vulnerabilities CVE-2016-2510 (OSSINDEX) suppress
BeanShell (bsh) before 2.0b6, when included on the classpath by an application that uses Java serialization or XStream, allows remote attackers to execute arbitrary code via crafted serialized data, related to XThis.Handler. CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.beanshell:bsh:2.0b4:*:*:*:*:*:*:* bsh-2.0b6.jarDescription:
BeanShell is a small, free, embeddable Java source interpreter
with object scripting language features, written in Java. BeanShell
dynamically executes standard Java syntax and extends it with common
scripting conveniences such as loose types, commands, and method closures
like those in Perl and JavaScript.
License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache-extras\beanshell\bsh\2.0b6\bsh-2.0b6.jar
MD5: 0f27117d5b4cfeea1d0634125313fac0
SHA1: fb418f9b33a0b951e9a2978b4b6ee93b2707e72f
SHA256: a17955976070c0573235ee662f2794a78082758b61accffce8d3f8aedcd91047
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid bsh Low Vendor file name bsh High Vendor Manifest Implementation-Vendor Pat Niemeyer (pat@pat.net) High Vendor pom groupid org.apache-extras.beanshell Highest Vendor jar package name bsh Highest Vendor Manifest specification-vendor http://www.beanshell.org/ Low Vendor pom url beanshell/beanshell/ Highest Vendor jar package name interpreter Highest Vendor pom name BeanShell High Vendor pom groupid apache-extras.beanshell Highest Vendor hint analyzer vendor beanshell_project Highest Product file name bsh High Product pom url beanshell/beanshell/ High Product jar package name bsh Highest Product jar package name interpreter Highest Product pom name BeanShell High Product hint analyzer product beanshell Highest Product pom artifactid bsh Highest Product pom groupid apache-extras.beanshell Highest Product Manifest specification-title BeanShell Medium Version pom version 2.0b6 Highest
build-helper-maven-plugin-3.2.0.jarDescription:
This plugin contains various small independent goals to assist with Maven build lifecycle License:
The MIT License: https://opensource.org/licenses/mit-license.php File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\build-helper-maven-plugin\3.2.0\build-helper-maven-plugin-3.2.0.jar
MD5: 00f0cebd44d6e926d2a48b4d55531819
SHA1: 7d8b5e040315a2336ffce647f720b2a7283ece70
SHA256: 5824223c3959636a71476321017f821d8a7f15bab61f2220605c414413770d98
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid build-helper-maven-plugin Low Vendor jar package name buildhelper Low Vendor jar package name mojo Low Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor file name build-helper-maven-plugin High Vendor pom url http://www.mojohaus.org/build-helper-maven-plugin/ Highest Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor pom groupid codehaus.mojo Highest Vendor pom parent-artifactid mojo-parent Low Vendor pom name Build Helper Maven Plugin High Vendor jar package name codehaus Low Product jar package name buildhelper Low Product pom groupid codehaus.mojo Highest Product jar package name mojo Low Product pom name Build Helper Maven Plugin High Product pom parent-artifactid mojo-parent Medium Product jar package name mojo Highest Product pom artifactid build-helper-maven-plugin Highest Product jar package name codehaus Highest Product file name build-helper-maven-plugin High Product pom url http://www.mojohaus.org/build-helper-maven-plugin/ Medium Product pom parent-groupid org.codehaus.mojo Medium Version pom version 3.2.0 Highest Version pom parent-version 3.2.0 Low Version file version 3.2.0 High
buildnumber-maven-plugin-1.4.jarDescription:
This plugin is designed to give you a build number. So when you might make 100 builds of version
1.0-SNAPSHOT, you can differentiate between them all.
License:
The MIT License: http://www.opensource.org/licenses/mit-license.php File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\buildnumber-maven-plugin\1.4\buildnumber-maven-plugin-1.4.jar
MD5: 5f1c8d5acfae4864e41f0029581350a9
SHA1: af5e3c6d7eb02c125488e83168c179f7c12743fc
SHA256: bc4fe3eb8bd209505f9f59f93f65d2134a5910f26b8ef197779d4408f05adf71
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mojo Low Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor jar package name build Low Vendor file name buildnumber-maven-plugin High Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor jar package name build Highest Vendor pom groupid codehaus.mojo Highest Vendor pom parent-artifactid mojo-parent Low Vendor pom name Build Number Maven Plugin High Vendor pom artifactid buildnumber-maven-plugin Low Vendor jar package name codehaus Low Product jar package name build Highest Product pom groupid codehaus.mojo Highest Product jar package name mojo Low Product pom name Build Number Maven Plugin High Product pom parent-artifactid mojo-parent Medium Product jar package name mojo Highest Product jar package name codehaus Highest Product jar package name build Low Product pom artifactid buildnumber-maven-plugin Highest Product file name buildnumber-maven-plugin High Product pom parent-groupid org.codehaus.mojo Medium Version pom version 1.4 Highest Version file version 1.4 High Version pom parent-version 1.4 Low
cdi-api-1.0.jarDescription:
APIs for JSR-299: Contexts and Dependency Injection for Java EE File Path: C:\Users\Jeremy\.m2\repository\javax\enterprise\cdi-api\1.0\cdi-api-1.0.jarMD5: 462c0959f0322016495f4598243bc0f2SHA1: 44c453f60909dfc223552ace63e05c694215156bSHA256: 1f10b2204cc77c919301f20ff90461c3df1b6e6cb148be1c2d22107f4851d423Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid javax.enterprise Highest Vendor Manifest Implementation-Vendor Seam Framework High Vendor jar package name javax Highest Vendor pom parent-groupid org.jboss.weld Medium Vendor Manifest specification-vendor Seam Framework Low Vendor file name cdi-api High Vendor pom name CDI APIs High Vendor Manifest implementation-url http://www.seamframework.org/Weld/cdi-api Low Vendor pom artifactid cdi-api Low Vendor pom parent-artifactid weld-api-parent Low Vendor jar package name enterprise Highest Product pom groupid javax.enterprise Highest Product jar package name javax Highest Product pom parent-groupid org.jboss.weld Medium Product pom artifactid cdi-api Highest Product file name cdi-api High Product Manifest Implementation-Title CDI APIs High Product pom name CDI APIs High Product Manifest implementation-url http://www.seamframework.org/Weld/cdi-api Low Product pom parent-artifactid weld-api-parent Medium Product Manifest specification-title CDI APIs Medium Product jar package name enterprise Highest Version file version 1.0 High Version pom version 1.0 Highest
cglib-2.2.2.jarDescription:
Code generation library License:
ASF 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\cglib\cglib\2.2.2\cglib-2.2.2.jar
MD5: b3f681be48fce094cf01a045f5bdca6f
SHA1: a47a971686474124562bdd4a7ccbd8ac8c3e8b11
SHA256: a93e4485d274277177480c4afe6ddd8355cda1cacfe356c134e25d65193935fd
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Code Generation Library High Vendor jar package name sf Low Vendor pom artifactid cglib Low Vendor jar package name cglib Low Vendor pom groupid cglib Highest Vendor jar package name net Low Vendor pom url http://cglib.sourceforge.net/ Highest Vendor jar package name cglib Highest Vendor file name cglib High Product pom name Code Generation Library High Product jar package name sf Low Product jar package name cglib Low Product pom groupid cglib Highest Product pom url http://cglib.sourceforge.net/ Medium Product pom artifactid cglib Highest Product jar package name cglib Highest Product file name cglib High Version pom version 2.2.2 Highest Version file version 2.2.2 High
checker-qual-2.11.1.jarDescription:
Checker Qual is the set of annotations (qualifiers) and supporting classes
used by the Checker Framework to type check Java source code. Please
see artifact:
org.checkerframework:checker
License:
The MIT License: http://opensource.org/licenses/MIT File Path: C:\Users\Jeremy\.m2\repository\org\checkerframework\checker-qual\2.11.1\checker-qual-2.11.1.jar
MD5: 936884d7b04ee8f064df137bcdfe470d
SHA1: 8c43bf8f99b841d23aadda6044329dad9b63c185
SHA256: 015224a4b1dc6de6da053273d4da7d39cfea20e63038169fc45ac0d1dc9c5938
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name checker-qual High Vendor pom artifactid checker-qual Low Vendor jar package name checkerframework Highest Vendor jar package name checker Highest Vendor pom groupid org.checkerframework Highest Vendor jar package name qual Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom name Checker Qual High Vendor pom groupid checkerframework Highest Vendor pom url https://checkerframework.org Highest Vendor Manifest automatic-module-name org.checkerframework.checker.qual Medium Vendor Manifest bundle-symbolicname checker-qual Medium Vendor Manifest implementation-url https://checkerframework.org Low Vendor jar package name framework Highest Product file name checker-qual High Product jar package name checkerframework Highest Product jar package name checker Highest Product jar package name qual Highest Product Manifest Bundle-Name checker-qual Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom artifactid checker-qual Highest Product pom name Checker Qual High Product pom groupid checkerframework Highest Product pom url https://checkerframework.org Medium Product Manifest automatic-module-name org.checkerframework.checker.qual Medium Product Manifest bundle-symbolicname checker-qual Medium Product Manifest implementation-url https://checkerframework.org Low Product jar package name framework Highest Version pom version 2.11.1 Highest Version file version 2.11.1 High Version Manifest Bundle-Version 2.11.1 High Version Manifest Implementation-Version 2.11.1 High
checkstyle-8.29.jarDescription:
Checkstyle is a development tool to help programmers write Java code
that adheres to a coding standard
License:
LGPL-2.1+: http://www.gnu.org/licenses/old-licenses/lgpl-2.1.txt File Path: C:\Users\Jeremy\.m2\repository\com\puppycrawl\tools\checkstyle\8.29\checkstyle-8.29.jar
MD5: e5183318a6e023e70b22aa2b17111497
SHA1: 74443467c98b657c62b977a8f170da6b85a07b0f
SHA256: 94588bf42b49d26527c385787b0d37dfc6412151a28a0a927ed28a8a76e613a3
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid com.puppycrawl.tools Highest Vendor jar package name checkstyle Highest Vendor pom name checkstyle High Vendor file name checkstyle High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name puppycrawl Highest Vendor jar package name tools Highest Vendor pom artifactid checkstyle Low Vendor pom groupid puppycrawl.tools Highest Vendor pom url https://checkstyle.org/ Highest Product pom artifactid checkstyle Highest Product jar package name checkstyle Highest Product pom name checkstyle High Product file name checkstyle High Product Manifest Implementation-Title checkstyle High Product Manifest build-jdk-spec 1.8 Low Product Manifest specification-title checkstyle Medium Product jar package name puppycrawl Highest Product jar package name tools Highest Product pom groupid puppycrawl.tools Highest Product pom url https://checkstyle.org/ Medium Version file version 8.29 High Version pom version 8.29 Highest Version Manifest Implementation-Version 8.29 High
classworlds-1.1.jarFile Path: C:\Users\Jeremy\.m2\repository\classworlds\classworlds\1.1\classworlds-1.1.jarMD5: c20629baa65f1f2948b37aa393b0310bSHA1: 60c708f55deeb7c5dfce8a7886ef09cbc1388ecaSHA256: 4e3e0ad158ec60917e0de544c550f31cd65d5a97c3af1c1968bf427e4a9df2e4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name classworlds Highest Vendor Manifest specification-vendor The Codehaus Low Vendor Manifest Implementation-Vendor The Codehaus High Vendor pom organization url http://codehaus.org/ Medium Vendor jar package name codehaus Highest Vendor file name classworlds High Vendor pom groupid classworlds Highest Vendor pom url http://classworlds.codehaus.org/ Highest Vendor pom artifactid classworlds Low Vendor pom organization name The Codehaus High Vendor Manifest extension-name classworlds Medium Vendor pom name classworlds High Product pom artifactid classworlds Highest Product jar package name classworlds Highest Product jar package name codehaus Highest Product pom organization url http://codehaus.org/ Low Product file name classworlds High Product Manifest Implementation-Title org.codehaus.classworlds High Product pom groupid classworlds Highest Product pom url http://classworlds.codehaus.org/ Medium Product Manifest specification-title classworlds: Java(tm) ClassLoader Management F... Medium Product pom organization name The Codehaus Low Product Manifest extension-name classworlds Medium Product pom name classworlds High Version Manifest Implementation-Version 1.1 High Version file version 1.1 High Version pom version 1.1 Highest
commons-beanutils-1.9.4.jarDescription:
Apache Commons BeanUtils provides an easy-to-use but flexible wrapper around reflection and introspection. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-beanutils\commons-beanutils\1.9.4\commons-beanutils-1.9.4.jar
MD5: 07dc532ee316fe1f2f0323e9bd2f8df4
SHA1: d52b9abcd97f38c81342bb7e7ae1eee9b73cba51
SHA256: 7d938c81789028045c08c065e94be75fc280527620d5bd62b519d5838532368a
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor file name commons-beanutils High Vendor Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom name Apache Commons BeanUtils High Vendor pom groupid commons-beanutils Highest Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom url https://commons.apache.org/proper/commons-beanutils/ Highest Vendor pom artifactid commons-beanutils Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Vendor jar package name beanutils Highest Product Manifest specification-title Apache Commons BeanUtils Medium Product Manifest implementation-url https://commons.apache.org/proper/commons-beanutils/ Low Product Manifest Implementation-Title Apache Commons BeanUtils High Product pom parent-groupid org.apache.commons Medium Product file name commons-beanutils High Product Manifest Bundle-Name Apache Commons BeanUtils Medium Product Manifest implementation-build UNKNOWN_BRANCH@r??????; 2019-07-28 22:14:44+0000 Low Product pom artifactid commons-beanutils Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product pom name Apache Commons BeanUtils High Product jar package name apache Highest Product pom groupid commons-beanutils Highest Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-beanutils/ Medium Product jar package name commons Highest Product Manifest bundle-symbolicname org.apache.commons.commons-beanutils Medium Product Manifest bundle-docurl https://commons.apache.org/proper/commons-beanutils/ Low Product jar package name beanutils Highest Version pom version 1.9.4 Highest Version file version 1.9.4 High Version Manifest Bundle-Version 1.9.4 High Version Manifest Implementation-Version 1.9.4 High Version pom parent-version 1.9.4 Low
commons-chain-1.2.jarDescription:
An implementation of the GoF Chain of Responsibility pattern
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-chain\commons-chain\1.2\commons-chain-1.2.jar
MD5: e18e2c87826644e4c8c08635572c154f
SHA1: 744a13e8766e338bd347b6fbc28c6db12979d0c6
SHA256: d5489b5f6b54b74665ad76ad3ffb3ad904830fe4863392784f311897ffcbfca8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-docurl http://commons.apache.org/chain/ Low Vendor file name commons-chain High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor jar package name chain Highest Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor Manifest bundle-symbolicname org.apache.commons.chain Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor jar package name commons Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Commons Chain High Vendor pom url http://commons.apache.org/chain/ Highest Vendor pom groupid commons-chain Highest Vendor pom artifactid commons-chain Low Product pom artifactid commons-chain Highest Product Manifest bundle-docurl http://commons.apache.org/chain/ Low Product file name commons-chain High Product jar package name chain Highest Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/chain/ Medium Product Manifest Bundle-Name Commons Chain Medium Product Manifest bundle-symbolicname org.apache.commons.chain Medium Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product pom name Commons Chain High Product Manifest Implementation-Title Commons Chain High Product Manifest specification-title Commons Chain Medium Product pom groupid commons-chain Highest Version Manifest Bundle-Version 1.2 High Version Manifest Implementation-Version 1.2 High Version file version 1.2 High Version pom version 1.2 Highest Version pom parent-version 1.2 Low
commons-cli-1.2.jarDescription:
Commons CLI provides a simple API for presenting, processing and validating a command line interface.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-cli\commons-cli\1.2\commons-cli-1.2.jar
MD5: bfdcae1ff93f0c07d733f03bdce28c9e
SHA1: 2bf96b7aa8b611c177d329452af1dc933e14501c
SHA256: e7cd8951956d349b568b7ccfd4f5b2529a8c113e67c32b028f52ffda371259d9
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom url http://commons.apache.org/cli/ Highest Vendor file name commons-cli High Vendor Manifest bundle-symbolicname org.apache.commons.cli Medium Vendor Manifest bundle-docurl http://commons.apache.org/cli/ Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor jar package name commons Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name cli Highest Vendor pom name Commons CLI High Vendor pom groupid commons-cli Highest Vendor pom artifactid commons-cli Low Product pom artifactid commons-cli Highest Product pom parent-groupid org.apache.commons Medium Product file name commons-cli High Product Manifest Bundle-Name Commons CLI Medium Product Manifest bundle-symbolicname org.apache.commons.cli Medium Product Manifest specification-title Commons CLI Medium Product Manifest Implementation-Title Commons CLI High Product Manifest bundle-docurl http://commons.apache.org/cli/ Low Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product pom url http://commons.apache.org/cli/ Medium Product jar package name cli Highest Product pom name Commons CLI High Product pom groupid commons-cli Highest Version Manifest Bundle-Version 1.2 High Version Manifest Implementation-Version 1.2 High Version file version 1.2 High Version pom version 1.2 Highest Version pom parent-version 1.2 Low
commons-codec-1.6.jarDescription:
The codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-codec\commons-codec\1.6\commons-codec-1.6.jar
MD5: 5970f54883b4831b24b97f1125ba27e6
SHA1: b7f0fc8f61ecadeb3695f0b9464755eee44374d4
SHA256: 54b34e941b8e1414bd3e40d736efd3481772dc26db3296f6aa45cec9f6203d86
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-docurl http://commons.apache.org/codec/ Low Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor jar package name codec Highest Vendor Manifest bundle-symbolicname org.apache.commons.codec Medium Vendor pom url http://commons.apache.org/codec/ Highest Vendor pom groupid commons-codec Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor jar package name commons Highest Vendor pom name Commons Codec High Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom artifactid commons-codec Low Vendor Manifest implementation-build UNKNOWN_BRANCH@r??????; 2011-12-02 21:37:07-0500 Low Vendor file name commons-codec High Vendor jar package name encoder Highest Product Manifest specification-title Commons Codec Medium Product Manifest bundle-docurl http://commons.apache.org/codec/ Low Product pom artifactid commons-codec Highest Product pom parent-groupid org.apache.commons Medium Product Manifest Bundle-Name Commons Codec Medium Product jar package name codec Highest Product Manifest bundle-symbolicname org.apache.commons.codec Medium Product pom groupid commons-codec Highest Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product pom name Commons Codec High Product Manifest implementation-build UNKNOWN_BRANCH@r??????; 2011-12-02 21:37:07-0500 Low Product pom url http://commons.apache.org/codec/ Medium Product file name commons-codec High Product Manifest Implementation-Title Commons Codec High Product jar package name encoder Highest Version pom version 1.6 Highest Version pom parent-version 1.6 Low Version file version 1.6 High Version Manifest Implementation-Version 1.6 High
commons-collections-3.2.2.jarDescription:
Types that extend and augment the Java Collections Framework. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-collections\commons-collections\3.2.2\commons-collections-3.2.2.jar
MD5: f54a8510f834a1a57166970bfc982e94
SHA1: 8ad72fe39fa8c91eaaf12aadb21e0c3661fe26d5
SHA256: eeeae917917144a68a741d4c0dff66aa5c5c5fd85593ff217bced3fc8ca783b8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom groupid commons-collections Highest Vendor pom artifactid commons-collections Low Vendor Manifest implementation-url http://commons.apache.org/collections/ Low Vendor jar package name collections Highest Vendor file name commons-collections High Vendor pom name Apache Commons Collections High Vendor jar package name apache Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.3))" Low Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest bundle-symbolicname org.apache.commons.collections Medium Vendor pom url http://commons.apache.org/collections/ Highest Vendor Manifest bundle-docurl http://commons.apache.org/collections/ Low Product Manifest specification-title Apache Commons Collections Medium Product Manifest Implementation-Title Apache Commons Collections High Product Manifest implementation-build tags/COLLECTIONS_3_2_2_RC3@r1714131; 2015-11-13 00:09:45+0100 Low Product pom parent-groupid org.apache.commons Medium Product pom groupid commons-collections Highest Product Manifest Bundle-Name Apache Commons Collections Medium Product Manifest implementation-url http://commons.apache.org/collections/ Low Product jar package name collections Highest Product pom url http://commons.apache.org/collections/ Medium Product file name commons-collections High Product pom name Apache Commons Collections High Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.3))" Low Product jar package name commons Highest Product pom artifactid commons-collections Highest Product Manifest bundle-symbolicname org.apache.commons.collections Medium Product Manifest bundle-docurl http://commons.apache.org/collections/ Low Version pom version 3.2.2 Highest Version Manifest Bundle-Version 3.2.2 High Version Manifest Implementation-Version 3.2.2 High Version pom parent-version 3.2.2 Low Version file version 3.2.2 High
commons-compress-1.19.jarDescription:
Apache Commons Compress software defines an API for working with
compression and archive formats. These include: bzip2, gzip, pack200,
lzma, xz, Snappy, traditional Unix Compress, DEFLATE, DEFLATE64, LZ4,
Brotli, Zstandard and ar, cpio, jar, tar, zip, dump, 7z, arj.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\commons\commons-compress\1.19\commons-compress-1.19.jar
MD5: fe897bced43468450b785b66c1cff455
SHA1: 7e65777fb451ddab6a9c054beb879e521b7eab78
SHA256: ff2d59fad74e867630fbc7daab14c432654712ac624dbee468d220677b124dd5
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.commons Highest Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest implementation-url https://commons.apache.org/proper/commons-compress/ Low Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom name Apache Commons Compress High Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name compress Highest Vendor pom url https://commons.apache.org/proper/commons-compress/ Highest Vendor pom groupid apache.commons Highest Vendor file name commons-compress High Vendor Manifest automatic-module-name org.apache.commons.compress Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor Manifest extension-name org.apache.commons.compress Medium Vendor pom artifactid commons-compress Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Vendor Manifest implementation-build UNKNOWN@r516f76ac1fe48be9a5162e53e4d0a99f23774565; 2019-08-24 16:14:33+0000 Low Product Manifest implementation-url https://commons.apache.org/proper/commons-compress/ Low Product pom parent-groupid org.apache.commons Medium Product pom artifactid commons-compress Highest Product pom name Apache Commons Compress High Product jar package name apache Highest Product Manifest Bundle-Name Apache Commons Compress Medium Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product Manifest specification-title Apache Commons Compress Medium Product Manifest bundle-docurl https://commons.apache.org/proper/commons-compress/ Low Product Manifest Implementation-Title Apache Commons Compress High Product jar package name compress Highest Product pom url https://commons.apache.org/proper/commons-compress/ Medium Product pom groupid apache.commons Highest Product file name commons-compress High Product Manifest automatic-module-name org.apache.commons.compress Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product Manifest extension-name org.apache.commons.compress Medium Product Manifest bundle-symbolicname org.apache.commons.commons-compress Medium Product Manifest implementation-build UNKNOWN@r516f76ac1fe48be9a5162e53e4d0a99f23774565; 2019-08-24 16:14:33+0000 Low Version file version 1.19 High Version pom version 1.19 Highest Version Manifest Implementation-Version 1.19 High Version pom parent-version 1.19 Low
commons-digester-2.1.jarDescription:
The Digester package lets you configure an XML to Java object mapping module
which triggers certain actions called rules whenever a particular
pattern of nested XML elements is recognized.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-digester\commons-digester\2.1\commons-digester-2.1.jar
MD5: 528445033f22da28f5047b6abcd1c7c9
SHA1: 73a8001e7a54a255eef0f03521ec1805dc738ca0
SHA256: e0b2b980a84fc6533c5ce291f1917b32c507f62bcad64198fff44368c2196a3d
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.apache.commons.digester Medium Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest bundle-docurl http://commons.apache.org/digester/ Low Vendor pom artifactid commons-digester Low Vendor pom parent-artifactid commons-parent Low Vendor file name commons-digester High Vendor pom parent-groupid org.apache.commons Medium Vendor jar package name rules Highest Vendor jar package name apache Highest Vendor jar package name digester Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor jar package name commons Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Commons Digester High Vendor pom url http://commons.apache.org/digester/ Highest Vendor pom groupid commons-digester Highest Product Manifest bundle-symbolicname org.apache.commons.digester Medium Product Manifest bundle-docurl http://commons.apache.org/digester/ Low Product file name commons-digester High Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/digester/ Medium Product pom artifactid commons-digester Highest Product Manifest Bundle-Name Commons Digester Medium Product jar package name rules Highest Product jar package name digester Highest Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product pom name Commons Digester High Product Manifest specification-title Commons Digester Medium Product Manifest Implementation-Title Commons Digester High Product pom groupid commons-digester Highest Version pom parent-version 2.1 Low Version pom version 2.1 Highest Version Manifest Implementation-Version 2.1 High Version Manifest Bundle-Version 2.1 High Version file version 2.1 High
commons-digester3-3.2.jarDescription:
The Apache Commons Digester package lets you configure an XML to Java
object mapping module which triggers certain actions called rules whenever
a particular pattern of nested XML elements is recognized.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\commons\commons-digester3\3.2\commons-digester3-3.2.jar
MD5: 41d2c62c7aedafa7a3627794abc83f71
SHA1: c3f68c5ff25ec5204470fd8fdf4cb8feff5e8a79
SHA256: 1c150e3d2df4b4237b47e28fea2079fb0da324578d5cca6a5fed2e37a62082ec
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.apache.commons.digester Medium Vendor pom groupid org.apache.commons Highest Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest bundle-docurl http://commons.apache.org/digester/ Low Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor jar package name digester3 Highest Vendor pom name Apache Commons Digester High Vendor Manifest implementation-build tags/DIGESTER3_3_2_RC2@r1212807; 2011-12-10 15:57:06+0100 Low Vendor pom artifactid commons-digester3 Low Vendor jar package name rules Highest Vendor jar package name apache Highest Vendor jar package name digester Highest Vendor file name commons-digester3 High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor jar package name commons Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom url http://commons.apache.org/digester/ Highest Vendor pom groupid apache.commons Highest Product Manifest bundle-symbolicname org.apache.commons.digester Medium Product Manifest bundle-docurl http://commons.apache.org/digester/ Low Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/digester/ Medium Product jar package name digester3 Highest Product pom name Apache Commons Digester High Product Manifest implementation-build tags/DIGESTER3_3_2_RC2@r1212807; 2011-12-10 15:57:06+0100 Low Product jar package name rules Highest Product pom artifactid commons-digester3 Highest Product jar package name apache Highest Product jar package name digester Highest Product Manifest Bundle-Name Apache Commons Digester Medium Product pom parent-artifactid commons-parent Medium Product file name commons-digester3 High Product jar package name commons Highest Product pom groupid apache.commons Highest Product Manifest Implementation-Title Apache Commons Digester High Product Manifest specification-title Apache Commons Digester Medium Version Manifest Implementation-Version 3.2 High Version file version 3.2 High Version pom version 3.2 Highest Version pom parent-version 3.2 Low
commons-io-2.5.jarDescription:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-io\commons-io\2.5\commons-io-2.5.jar
MD5: e2d74794fba570ec2115fb9d5b05dc9b
SHA1: 2852e6e05fbb95076fc091f6d1780f1f8fe35e0f
SHA256: a10418348d234968600ccb1d988efcbbd08716e1d96936ccc1880e7d22513474
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://commons.apache.org/proper/commons-io/ Highest Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor jar package name io Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-io/ Low Vendor file name commons-io High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest implementation-build tags/commons-io-2.5@r1739098; 2016-04-14 09:19:54-0400 Low Vendor pom groupid commons-io Highest Vendor pom artifactid commons-io Low Vendor pom name Apache Commons IO High Vendor Manifest implementation-url http://commons.apache.org/proper/commons-io/ Low Vendor Manifest bundle-symbolicname org.apache.commons.io Medium Product pom parent-groupid org.apache.commons Medium Product jar package name io Highest Product Manifest Implementation-Title Apache Commons IO High Product pom artifactid commons-io Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-io/ Low Product file name commons-io High Product Manifest specification-title Apache Commons IO Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product Manifest Bundle-Name Apache Commons IO Medium Product Manifest implementation-build tags/commons-io-2.5@r1739098; 2016-04-14 09:19:54-0400 Low Product pom groupid commons-io Highest Product pom name Apache Commons IO High Product Manifest implementation-url http://commons.apache.org/proper/commons-io/ Low Product pom url http://commons.apache.org/proper/commons-io/ Medium Product Manifest bundle-symbolicname org.apache.commons.io Medium Version file version 2.5 High Version Manifest Implementation-Version 2.5 High Version pom parent-version 2.5 Low Version pom version 2.5 Highest
commons-lang-2.6.jarDescription:
Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-lang\commons-lang\2.6\commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256: 50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor file name commons-lang High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor Manifest bundle-docurl http://commons.apache.org/lang/ Low Vendor pom artifactid commons-lang Low Vendor jar package name lang Highest Vendor pom groupid commons-lang Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor jar package name commons Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom url http://commons.apache.org/lang/ Highest Vendor pom name Commons Lang High Vendor Manifest bundle-symbolicname org.apache.commons.lang Medium Product pom artifactid commons-lang Highest Product Manifest Bundle-Name Commons Lang Medium Product Manifest Implementation-Title Commons Lang High Product file name commons-lang High Product pom parent-groupid org.apache.commons Medium Product Manifest bundle-docurl http://commons.apache.org/lang/ Low Product Manifest specification-title Commons Lang Medium Product jar package name lang Highest Product pom groupid commons-lang Highest Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product pom url http://commons.apache.org/lang/ Medium Product pom name Commons Lang High Product Manifest bundle-symbolicname org.apache.commons.lang Medium Version file version 2.6 High Version Manifest Implementation-Version 2.6 High Version Manifest Bundle-Version 2.6 High Version pom parent-version 2.6 Low Version pom version 2.6 Highest
commons-lang3-3.5.jarDescription:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\commons\commons-lang3\3.5\commons-lang3-3.5.jar
MD5: 780b5a8b72eebe6d0dbff1c11b5658fa
SHA1: 6c6c702c89bfff3cd9e80b04d668c5e190d588c6
SHA256: 8ac96fc686512d777fca85e144f196cd7cfe0c0aec23127229497d1a38ff651c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.commons Highest Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest bundle-symbolicname org.apache.commons.lang3 Medium Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor Manifest implementation-build release@r36f98d87b24c2f542b02abbf6ec1ee742f1b158b; 2016-10-13 19:52:17+0000 Low Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-lang/ Low Vendor pom url http://commons.apache.org/proper/commons-lang/ Highest Vendor jar package name lang3 Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom artifactid commons-lang3 Low Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor file name commons-lang3 High Vendor pom groupid apache.commons Highest Vendor Manifest implementation-url http://commons.apache.org/proper/commons-lang/ Low Vendor pom name Apache Commons Lang High Product Manifest Implementation-Title Apache Commons Lang High Product Manifest bundle-symbolicname org.apache.commons.lang3 Medium Product Manifest specification-title Apache Commons Lang Medium Product Manifest Bundle-Name Apache Commons Lang Medium Product pom parent-groupid org.apache.commons Medium Product Manifest implementation-build release@r36f98d87b24c2f542b02abbf6ec1ee742f1b158b; 2016-10-13 19:52:17+0000 Low Product pom artifactid commons-lang3 Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-lang/ Low Product jar package name lang3 Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/proper/commons-lang/ Medium Product jar package name commons Highest Product file name commons-lang3 High Product pom groupid apache.commons Highest Product Manifest implementation-url http://commons.apache.org/proper/commons-lang/ Low Product pom name Apache Commons Lang High Version pom version 3.5 Highest Version Manifest Implementation-Version 3.5 High Version pom parent-version 3.5 Low Version file version 3.5 High
commons-logging-1.1.1.jarDescription:
Commons Logging is a thin adapter allowing configurable bridging to other,
well known logging systems. File Path: C:\Users\Jeremy\.m2\repository\commons-logging\commons-logging\1.1.1\commons-logging-1.1.1.jarMD5: ed448347fc0104034aa14c8189bf37deSHA1: 5043bfebc3db072ed80fbd362e7caf00e885d8aeSHA256: ce6f913cad1f0db3aad70186d65c5bc7ffcc9a99e3fe8e0b137312819f7c362fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid commons-logging Low Vendor pom name Commons Logging High Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest specification-vendor Apache Software Foundation Low Vendor jar package name logging Highest Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor jar package name apache Highest Vendor pom url http://commons.apache.org/logging Highest Vendor jar package name commons Highest Vendor pom groupid commons-logging Highest Vendor file name commons-logging High Vendor Manifest extension-name org.apache.commons.logging Medium Product pom name Commons Logging High Product jar package name logging Highest Product pom parent-groupid org.apache.commons Medium Product pom artifactid commons-logging Highest Product Manifest specification-title Jakarta Commons Logging Medium Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product Manifest Implementation-Title Jakarta Commons Logging High Product jar package name commons Highest Product pom url http://commons.apache.org/logging Medium Product pom groupid commons-logging Highest Product file name commons-logging High Product Manifest extension-name org.apache.commons.logging Medium Version Manifest Implementation-Version 1.1.1 High Version pom version 1.1.1 Highest Version file version 1.1.1 High Version pom parent-version 1.1.1 Low
commons-pool2-2.2.jarDescription:
Apache Commons Object Pooling Library License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\commons\commons-pool2\2.2\commons-pool2-2.2.jar
MD5: 51b56c92883812c56fbeb339866ce2df
SHA1: bd1a6e384f3cf0f9b9a60e1e6c1c1ecbbee7e0b7
SHA256: 8780b3bbb31a8797e74e9f3022f043ddadc2aee8be63d94f8082a6a16546c41b
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.commons Highest Vendor file name commons-pool2 High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor jar package name pool2 Highest Vendor pom parent-artifactid commons-parent Low Vendor pom url http://commons.apache.org/proper/commons-pool/ Highest Vendor pom parent-groupid org.apache.commons Medium Vendor pom artifactid commons-pool2 Low Vendor jar package name apache Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-pool/ Low Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest bundle-symbolicname org.apache.commons.pool2 Medium Vendor pom groupid apache.commons Highest Vendor pom name Apache Commons Pool High Vendor Manifest implementation-build UNKNOWN_BRANCH@r??????; 2014-02-21 14:40:13+0000 Low Product pom artifactid commons-pool2 Highest Product file name commons-pool2 High Product jar package name pool2 Highest Product pom parent-groupid org.apache.commons Medium Product Manifest Bundle-Name Apache Commons Pool Medium Product jar package name apache Highest Product Manifest bundle-docurl http://commons.apache.org/proper/commons-pool/ Low Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product pom url http://commons.apache.org/proper/commons-pool/ Medium Product Manifest Implementation-Title Apache Commons Pool High Product Manifest bundle-symbolicname org.apache.commons.pool2 Medium Product pom groupid apache.commons Highest Product pom name Apache Commons Pool High Product Manifest specification-title Apache Commons Pool Medium Product Manifest implementation-build UNKNOWN_BRANCH@r??????; 2014-02-21 14:40:13+0000 Low Version pom parent-version 2.2 Low Version pom version 2.2 Highest Version Manifest Implementation-Version 2.2 High Version file version 2.2 High
commons-text-1.9.jarDescription:
Apache Commons Text is a library focused on algorithms working on strings. License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\commons\commons-text\1.9\commons-text-1.9.jar
MD5: c1c130c369aa86bfe4f7a7a920bc0223
SHA1: ba6ac8c2807490944a0a27f6f8e68fb5ed2e80e2
SHA256: 0812f284ac5dd0d617461d9a2ab6ac6811137f25122dfffd4788a4871e732d00
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.commons Highest Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor file name commons-text High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom artifactid commons-text Low Vendor jar package name text Highest Vendor Manifest automatic-module-name org.apache.commons.text Medium Vendor pom name Apache Commons Text High Vendor jar package name apache Highest Vendor Manifest bundle-docurl https://commons.apache.org/proper/commons-text Low Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-symbolicname org.apache.commons.commons-text Medium Vendor pom groupid apache.commons Highest Vendor pom url https://commons.apache.org/proper/commons-text Highest Product pom artifactid commons-text Highest Product Manifest Implementation-Title Apache Commons Text High Product Manifest specification-title Apache Commons Text Medium Product pom parent-groupid org.apache.commons Medium Product file name commons-text High Product Manifest Bundle-Name Apache Commons Text Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name text Highest Product Manifest automatic-module-name org.apache.commons.text Medium Product pom name Apache Commons Text High Product jar package name apache Highest Product Manifest bundle-docurl https://commons.apache.org/proper/commons-text Low Product pom parent-artifactid commons-parent Medium Product pom url https://commons.apache.org/proper/commons-text Medium Product jar package name commons Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-symbolicname org.apache.commons.commons-text Medium Product pom groupid apache.commons Highest Version pom parent-version 1.9 Low Version file version 1.9 High Version pom version 1.9 Highest Version Manifest Implementation-Version 1.9 High
commons-validator-1.6.jarDescription:
Apache Commons Validator provides the building blocks for both client side validation and server side data validation.
It may be used standalone or with a framework like Struts.
License:
https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\commons-validator\commons-validator\1.6\commons-validator-1.6.jar
MD5: 3fd5efd8dcdd601035c123638a897833
SHA1: e989d1e87cdd60575df0765ed5bac65c905d7908
SHA256: bd62795d7068a69cbea333f6dbf9c9c1a6ad7521443fb57202a44874f240ba25
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor pom parent-artifactid commons-parent Low Vendor Manifest bundle-symbolicname org.apache.commons.validator Medium Vendor pom parent-groupid org.apache.commons Medium Vendor Manifest implementation-url http://commons.apache.org/proper/commons-validator/ Low Vendor file name commons-validator High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom artifactid commons-validator Low Vendor jar package name apache Highest Vendor jar package name commons Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name validator Highest Vendor pom groupid commons-validator Highest Vendor Manifest implementation-build tags/VALIDATOR_1_6_RC1@r1783233; 2017-02-16 15:10:22+0000 Low Vendor pom name Apache Commons Validator High Vendor pom url http://commons.apache.org/proper/commons-validator/ Highest Vendor Manifest bundle-docurl http://commons.apache.org/proper/commons-validator/ Low Product Manifest bundle-symbolicname org.apache.commons.validator Medium Product pom parent-groupid org.apache.commons Medium Product Manifest Bundle-Name Apache Commons Validator Medium Product pom artifactid commons-validator Highest Product Manifest implementation-url http://commons.apache.org/proper/commons-validator/ Low Product file name commons-validator High Product Manifest specification-title Apache Commons Validator Medium Product Manifest Implementation-Title Apache Commons Validator High Product pom url http://commons.apache.org/proper/commons-validator/ Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product jar package name apache Highest Product pom parent-artifactid commons-parent Medium Product jar package name commons Highest Product jar package name validator Highest Product pom groupid commons-validator Highest Product Manifest implementation-build tags/VALIDATOR_1_6_RC1@r1783233; 2017-02-16 15:10:22+0000 Low Product pom name Apache Commons Validator High Product Manifest bundle-docurl http://commons.apache.org/proper/commons-validator/ Low Version pom version 1.6 Highest Version pom parent-version 1.6 Low Version file version 1.6 High Version Manifest Implementation-Version 1.6 High
coveralls-maven-plugin-4.3.0.jarDescription:
Maven plugin for submitting Java code coverage reports to Coveralls web service. License:
The MIT License (MIT): http://opensource.org/licenses/MIT File Path: C:\Users\Jeremy\.m2\repository\org\eluder\coveralls\coveralls-maven-plugin\4.3.0\coveralls-maven-plugin-4.3.0.jar
MD5: 5cc34539a3cfe8d7e776eb5af446fc08
SHA1: 2f9f6bdef5dd1d863730a134a8f1280337440c46
SHA256: 685f5ab0904fff3078e54f7dbad1eb6dc04507b00e7f8f13629051187c002273
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name eluder Highest Vendor pom parent-groupid org.eluder Medium Vendor pom parent-artifactid eluder-parent Low Vendor pom name coveralls-maven-plugin High Vendor Manifest Implementation-Vendor-Id org.eluder.coveralls Medium Vendor pom artifactid coveralls-maven-plugin Low Vendor file name coveralls-maven-plugin High Vendor Manifest implementation-url https://github.com/trautonen/coveralls-maven-plugin Low Vendor pom groupid eluder.coveralls Highest Vendor pom url trautonen/coveralls-maven-plugin Highest Vendor jar package name maven Highest Vendor pom groupid org.eluder.coveralls Highest Vendor Manifest Implementation-Vendor Tapio Rautonen High Vendor jar package name plugin Highest Vendor jar package name coveralls Highest Product jar package name eluder Highest Product pom parent-groupid org.eluder Medium Product pom name coveralls-maven-plugin High Product file name coveralls-maven-plugin High Product Manifest implementation-url https://github.com/trautonen/coveralls-maven-plugin Low Product pom groupid eluder.coveralls Highest Product Manifest Implementation-Title coveralls-maven-plugin High Product jar package name maven Highest Product pom url trautonen/coveralls-maven-plugin High Product jar package name plugin Highest Product pom artifactid coveralls-maven-plugin Highest Product jar package name coveralls Highest Product pom parent-artifactid eluder-parent Medium Version file version 4.3.0 High Version pom version 4.3.0 Highest Version Manifest Implementation-Version 4.3.0 High Version pom parent-version 4.3.0 Low
cssparser-0.9.27.jarDescription:
A CSS parser which implements SAC (the Simple API for CSS). License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\net\sourceforge\cssparser\cssparser\0.9.27\cssparser-0.9.27.jar
MD5: a25c4c8aed3c53c5c1010843e1263ef6
SHA1: 286ef94eda768173af4b28ccd70111c14c3e860c
SHA256: 238dbe6b86fa78bad25c8803ecbe4947ab0279337a4b0750f70ed480e2d5a1ef
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id net.sourceforge.cssparser Medium Vendor jar package name parser Highest Vendor pom url http://cssparser.sourceforge.net/ Highest Vendor Manifest build-time 2019-03-23 08:36 Low Vendor pom groupid net.sourceforge.cssparser Highest Vendor jar package name sac Highest Vendor jar package name css Highest Vendor pom artifactid cssparser Low Vendor Manifest url http://cssparser.sourceforge.net/ Low Vendor pom name CSS Parser High Vendor Manifest implementation-url http://cssparser.sourceforge.net/ Low Vendor file name cssparser High Product Manifest Implementation-Title CSS Parser High Product Manifest specification-title CSS Parser Medium Product jar package name parser Highest Product Manifest build-time 2019-03-23 08:36 Low Product pom groupid net.sourceforge.cssparser Highest Product jar package name sac Highest Product jar package name css Highest Product Manifest url http://cssparser.sourceforge.net/ Low Product pom name CSS Parser High Product pom artifactid cssparser Highest Product Manifest implementation-url http://cssparser.sourceforge.net/ Low Product pom url http://cssparser.sourceforge.net/ Medium Product file name cssparser High Version file version 0.9.27 High Version Manifest Implementation-Version 0.9.27 High Version pom version 0.9.27 Highest
cvsclient-20060125.jarLicense:
Sun Public License: http://www.netbeans.org/about/legal/spl.html File Path: C:\Users\Jeremy\.m2\repository\org\netbeans\lib\cvsclient\20060125\cvsclient-20060125.jar
MD5: d37c0e11f9b2d3fdde5a999ba9418abb
SHA1: cc80bd0085c79be7ed332cbdc1db77498bff1fda
SHA256: 89baed753b393d5074d4b9b4ba4b9692af6cd0713199998fb294b99942c820a3
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest openide-module org.netbeans.lib.cvsclient/1 Low Vendor jar package name netbeans Highest Vendor jar package name cvsclient Highest Vendor pom groupid org.netbeans.lib Highest Vendor file name cvsclient-20060125 High Vendor pom url http://javacvs.netbeans.org/library/ Highest Vendor Manifest openide-module-localizing-bundle org/netbeans/lib/cvsclient/Bundle.properties Low Vendor pom groupid netbeans.lib Highest Vendor pom artifactid cvsclient Low Vendor jar package name lib Highest Product Manifest openide-module org.netbeans.lib.cvsclient/1 Low Product jar package name netbeans Highest Product jar package name cvsclient Highest Product pom artifactid cvsclient Highest Product file name cvsclient-20060125 High Product Manifest openide-module-localizing-bundle org/netbeans/lib/cvsclient/Bundle.properties Low Product pom url http://javacvs.netbeans.org/library/ Medium Product pom groupid netbeans.lib Highest Product jar package name lib Highest Version pom version 20060125 Highest Version file version 20060125 Medium
dom4j-1.1.jarFile Path: C:\Users\Jeremy\.m2\repository\dom4j\dom4j\1.1\dom4j-1.1.jarMD5: f1c39d0d2b2c6f5ffb0046841a34b5c9SHA1: 0690b3108a502c8f033ea87e7278aec309ffa668SHA256: 50bd5c21b5fbd27b8bbb5f8050544b53f49a4480fd347ce9c46d55c706015156Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid dom4j Highest Vendor Manifest extension-name org.dom4j Medium Vendor file name dom4j High Vendor pom artifactid dom4j Low Vendor jar package name dom4j Highest Vendor Manifest Implementation-Vendor MetaStuff Ltd. High Vendor Manifest specification-vendor MetaStuff Ltd. Low Product pom groupid dom4j Highest Product pom artifactid dom4j Highest Product Manifest extension-name org.dom4j Medium Product file name dom4j High Product jar package name dom4j Highest Product Manifest specification-title dom4j Medium Product Manifest Implementation-Title dom4j High Version file version 1.1 High Version pom version 1.1 Highest
dom4j-2.1.3.jarDescription:
flexible XML framework for Java License:
BSD 3-clause New License: https://github.com/dom4j/dom4j/blob/master/LICENSE File Path: C:\Users\Jeremy\.m2\repository\org\dom4j\dom4j\2.1.3\dom4j-2.1.3.jar
MD5: 41efcf234c5a05a8c590f9b51d53ca66
SHA1: a75914155a9f5808963170ec20653668a2ffd2fd
SHA256: 549f3007c6290f6a901e57d1d331b4ed0e6bf7384f78bf10316ffceeca834de6
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid dom4j Highest Vendor pom url http://dom4j.github.io/ Highest Vendor file name dom4j High Vendor pom name dom4j High Vendor jar package name dom4j Low Vendor pom groupid org.dom4j Highest Vendor pom artifactid dom4j Low Vendor jar package name dom4j Highest Product pom groupid dom4j Highest Product pom url http://dom4j.github.io/ Medium Product pom artifactid dom4j Highest Product file name dom4j High Product pom name dom4j High Product jar package name dom4j Highest Version file version 2.1.3 High Version pom version 2.1.3 Highest
doxia-core-1.9.jarDescription:
Doxia core classes and interfaces. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-core\1.9\doxia-core-1.9.jarMD5: 3a15b025e029739be26142a2de5d7ec5SHA1: 2eb362021db9267b8164726c62e2ab0b7d556048SHA256: b9d880f48d2759d99aa649951662e9d6e64474db26d7cd0beb3de74864a5d007Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid doxia Low Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor jar package name apache Highest Vendor pom artifactid doxia-core Low Vendor file name doxia-core High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.doxia Medium Vendor Manifest implementation-url http://maven.apache.org/doxia/doxia/doxia-core/ Low Vendor pom name Doxia :: Core High Vendor pom groupid apache.maven.doxia Highest Product jar package name doxia Highest Product Manifest Implementation-Title Doxia :: Core High Product Manifest specification-title Doxia :: Core Medium Product pom parent-groupid org.apache.maven.doxia Medium Product jar package name apache Highest Product file name doxia-core High Product jar package name maven Highest Product Manifest implementation-url http://maven.apache.org/doxia/doxia/doxia-core/ Low Product pom artifactid doxia-core Highest Product pom parent-artifactid doxia Medium Product pom name Doxia :: Core High Product pom groupid apache.maven.doxia Highest Version file version 1.9 High Version pom version 1.9 Highest Version Manifest Implementation-Version 1.9 High
doxia-decoration-model-1.1.4.jarDescription:
The Decoration Model handles the site descriptor, also known as site.xml. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-decoration-model\1.1.4\doxia-decoration-model-1.1.4.jarMD5: fa6724afd6de08472445dbeecd641c29SHA1: 4555b5cda12b0cb1f00ec6cc61c5ddb07a81449cSHA256: 4d977822eafed54e2f48a2068cb8b7257fdba38231c3d11cee921e08b479636cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-artifactid doxia-sitetools Low Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor jar package name apache Highest Vendor file name doxia-decoration-model High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.doxia Medium Vendor pom name Doxia Sitetools :: Decoration Model High Vendor pom artifactid doxia-decoration-model Low Vendor jar package name site Highest Vendor pom groupid apache.maven.doxia Highest Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product pom parent-artifactid doxia-sitetools Medium Product Manifest Implementation-Title Doxia Sitetools :: Decoration Model High Product Manifest specification-title Doxia Sitetools :: Decoration Model Medium Product pom artifactid doxia-decoration-model Highest Product jar package name apache Highest Product file name doxia-decoration-model High Product jar package name maven Highest Product pom name Doxia Sitetools :: Decoration Model High Product jar package name site Highest Product pom groupid apache.maven.doxia Highest Version pom version 1.1.4 Highest Version Manifest Implementation-Version 1.1.4 High Version file version 1.1.4 High
doxia-integration-tools-1.6.jarDescription:
A collection of tools to help the integration of Doxia in Maven plugins. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-integration-tools\1.6\doxia-integration-tools-1.6.jarMD5: 086ced67c455860a867c1dc06cfcde71SHA1: aa12128117facfa64c1ac8b8f70c6cf1dbf8b5caSHA256: c46e6191b414b46e4fc51ea2957008313c7bf9d6fe8c1df1f8eac068496c185cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor pom artifactid doxia-integration-tools Low Vendor file name doxia-integration-tools High Vendor jar package name apache Highest Vendor pom name Doxia :: Integration Tools High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.doxia Medium Vendor jar package name tools Highest Vendor pom groupid apache.maven.doxia Highest Vendor pom parent-artifactid doxia-tools Low Product Manifest Implementation-Title Doxia :: Integration Tools High Product Manifest specification-title Doxia :: Integration Tools Medium Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product file name doxia-integration-tools High Product jar package name apache Highest Product pom parent-artifactid doxia-tools Medium Product pom name Doxia :: Integration Tools High Product pom artifactid doxia-integration-tools Highest Product jar package name maven Highest Product jar package name tools Highest Product pom groupid apache.maven.doxia Highest Version pom version 1.6 Highest Version pom parent-version 1.6 Low Version file version 1.6 High Version Manifest Implementation-Version 1.6 High
doxia-logging-api-1.1.4.jarDescription:
Doxia Logging API. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-logging-api\1.1.4\doxia-logging-api-1.1.4.jarMD5: bfb5c122dfb9ee150926ea513ae3f560SHA1: b2361807501aa7cbbec8d0a0d1a1459207ab1f99SHA256: 1ca072785370465533bdfabd741ee7ea5a6ca90e192c5e3b34df817c6ef9bad4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name doxia-logging-api High Vendor pom parent-artifactid doxia Low Vendor pom artifactid doxia-logging-api Low Vendor jar package name logging Highest Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor pom name Doxia :: Logging API High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.doxia Medium Vendor pom groupid apache.maven.doxia Highest Product file name doxia-logging-api High Product Manifest specification-title Doxia :: Logging API Medium Product jar package name logging Highest Product pom artifactid doxia-logging-api Highest Product jar package name doxia Highest Product Manifest Implementation-Title Doxia :: Logging API High Product pom parent-groupid org.apache.maven.doxia Medium Product pom name Doxia :: Logging API High Product jar package name apache Highest Product jar package name maven Highest Product pom parent-artifactid doxia Medium Product pom groupid apache.maven.doxia Highest Version pom version 1.1.4 Highest Version Manifest Implementation-Version 1.1.4 High Version file version 1.1.4 High
doxia-module-apt-1.9.1.jarDescription:
A Doxia module for Almost Plain Text source documents.
APT format is supported both as source and target formats.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-apt\1.9.1\doxia-module-apt-1.9.1.jarMD5: b5df73b33aae4fee244ee6dee348c70fSHA1: 89dfa70988e0bc46cd264d0cedc65fb90d345530SHA256: 316cd3bd762ad49898c808a6d013afa5b9323f473fb19a51e19f9fdd151fc8a5Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor file name doxia-module-apt High Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor pom name Doxia :: APT Module High Vendor jar package name module Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor pom artifactid doxia-module-apt Low Vendor pom groupid apache.maven.doxia Highest Product file name doxia-module-apt High Product pom parent-artifactid doxia-modules Medium Product pom artifactid doxia-module-apt Highest Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product pom name Doxia :: APT Module High Product jar package name module Highest Product jar package name apache Highest Product Manifest specification-title Doxia :: APT Module Medium Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product Manifest Implementation-Title Doxia :: APT Module High Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-confluence-1.9.1.jarDescription:
A Doxia module for Confluence documents.
Confluence format is supported both as source and target formats.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-confluence\1.9.1\doxia-module-confluence-1.9.1.jarMD5: ade2f8bd6d002b0b7514c8618fc669b8SHA1: 7b8e7163d1470b324ecbab2ee5f4f132b15413faSHA256: 86e7992e2e1f232fa4588e308673348eeb0400658fb49fa71086b8683662e63bReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name Doxia :: Confluence Module High Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor jar package name module Highest Vendor jar package name apache Highest Vendor file name doxia-module-confluence High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor pom artifactid doxia-module-confluence Low Vendor pom groupid apache.maven.doxia Highest Product pom parent-artifactid doxia-modules Medium Product pom name Doxia :: Confluence Module High Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product Manifest Implementation-Title Doxia :: Confluence Module High Product pom artifactid doxia-module-confluence Highest Product jar package name module Highest Product Manifest specification-title Doxia :: Confluence Module Medium Product jar package name apache Highest Product file name doxia-module-confluence High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-docbook-simple-1.9.1.jarDescription:
A Doxia module for Simplified DocBook documents.
DocBook format is supported both as source and target formats.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-docbook-simple\1.9.1\doxia-module-docbook-simple-1.9.1.jarMD5: 44f3d5b4f47e953df6e9fe6e57fa49e6SHA1: fdcb82032ff07b1cdf71d1eb86677492cc5297d8SHA256: ed44695e4abb716ba6582b5d5070a5331bfa85a5d7e1a305ee2d10033bc3e3ebReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom artifactid doxia-module-docbook-simple Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor file name doxia-module-docbook-simple High Vendor jar package name module Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor pom name Doxia :: Simplified DocBook Module High Vendor pom groupid apache.maven.doxia Highest Product pom artifactid doxia-module-docbook-simple Highest Product pom parent-artifactid doxia-modules Medium Product Manifest Implementation-Title Doxia :: Simplified DocBook Module High Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product file name doxia-module-docbook-simple High Product jar package name module Highest Product jar package name apache Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product pom name Doxia :: Simplified DocBook Module High Product Manifest specification-title Doxia :: Simplified DocBook Module Medium Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-fml-1.9.1.jarDescription:
A Doxia module for FML source documents.
FML format is only supported as source format.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-fml\1.9.1\doxia-module-fml-1.9.1.jarMD5: 8ab09866cb72f13004999477f56b466dSHA1: d5c6d387674d8e0b591dfba95b1318ac61a50b4eSHA256: da9887f2f9d987c12bc69d839a24a0623674dff243e7001a70ba74c64051e299Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom artifactid doxia-module-fml Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor pom name Doxia :: FML Module High Vendor jar package name module Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor file name doxia-module-fml High Vendor pom groupid apache.maven.doxia Highest Product pom parent-artifactid doxia-modules Medium Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product pom name Doxia :: FML Module High Product jar package name module Highest Product jar package name apache Highest Product Manifest Implementation-Title Doxia :: FML Module High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product Manifest specification-title Doxia :: FML Module Medium Product pom artifactid doxia-module-fml Highest Product file name doxia-module-fml High Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-markdown-1.9.1.jarDescription:
A Doxia module for Markdown source documents.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-markdown\1.9.1\doxia-module-markdown-1.9.1.jarMD5: 7e926f0bc3ce4bf0e13968c56a8513e7SHA1: 95150da42ba2bca3ca5b23c8150314818a0d76b5SHA256: 48b292a2bd51406b753b738792c24793c59f8d32730dcaaec4da1ca3d6594a5aReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name Doxia :: Markdown Module High Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor jar package name module Highest Vendor jar package name apache Highest Vendor pom artifactid doxia-module-markdown Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor file name doxia-module-markdown High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor pom groupid apache.maven.doxia Highest Product pom parent-artifactid doxia-modules Medium Product pom name Doxia :: Markdown Module High Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product Manifest Implementation-Title Doxia :: Markdown Module High Product Manifest specification-title Doxia :: Markdown Module Medium Product jar package name module Highest Product jar package name apache Highest Product file name doxia-module-markdown High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product pom artifactid doxia-module-markdown Highest Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-twiki-1.9.1.jarDescription:
A Doxia module for Twiki source documents.
Twiki format is supported both as source and target formats.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-twiki\1.9.1\doxia-module-twiki-1.9.1.jarMD5: acba5798ae152f6a0d774edcd158fd71SHA1: a09744f661750e82eb9403b7a575d5f18d383930SHA256: a1a4ef05d02cf6cb4d7f7bec353a3c6c3af6129e78e8d03a742b0f0acd125057Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor file name doxia-module-twiki High Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor jar package name module Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Doxia :: TWiki Module High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor pom groupid apache.maven.doxia Highest Vendor pom artifactid doxia-module-twiki Low Product pom artifactid doxia-module-twiki Highest Product Manifest specification-title Doxia :: TWiki Module Medium Product pom parent-artifactid doxia-modules Medium Product Manifest Implementation-Title Doxia :: TWiki Module High Product file name doxia-module-twiki High Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product jar package name module Highest Product jar package name apache Highest Product pom name Doxia :: TWiki Module High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-xdoc-1.9.1.jarDescription:
A Doxia module for Xdoc source documents.
Xdoc format is supported both as source and target formats.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-xdoc\1.9.1\doxia-module-xdoc-1.9.1.jarMD5: 09a020e47ccab2d5b7323c1c8b383ac2SHA1: d09a97e195d6f57ea6d61a7492eec23e27fb5fbfSHA256: 6bf265c959dbc63aa5bd6c8508bf97f278b8ba091b421b348a56193834f6ccdeReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom artifactid doxia-module-xdoc Low Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor jar package name module Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Doxia :: XDoc Module High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor file name doxia-module-xdoc High Vendor pom groupid apache.maven.doxia Highest Product pom parent-artifactid doxia-modules Medium Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product Manifest Implementation-Title Doxia :: XDoc Module High Product Manifest specification-title Doxia :: XDoc Module Medium Product jar package name module Highest Product jar package name apache Highest Product pom artifactid doxia-module-xdoc Highest Product pom name Doxia :: XDoc Module High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product file name doxia-module-xdoc High Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-xhtml-1.9.1.jarDescription:
A Doxia module for Xhtml source documents.
Xhtml format is supported both as source and target formats.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-xhtml\1.9.1\doxia-module-xhtml-1.9.1.jarMD5: 0d6f4c92632b32dff9e528541151a360SHA1: 5cacd98f8e4f98b18c2b9463861622262ff73070SHA256: 88fa59c5176cbf215f411f59849c7036e988b5bdd6aa50deb85abc249183e501Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor pom artifactid doxia-module-xhtml Low Vendor jar package name module Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor pom name Doxia :: XHTML Module High Vendor file name doxia-module-xhtml High Vendor pom groupid apache.maven.doxia Highest Product pom parent-artifactid doxia-modules Medium Product Manifest Implementation-Title Doxia :: XHTML Module High Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product jar package name module Highest Product jar package name apache Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product pom name Doxia :: XHTML Module High Product file name doxia-module-xhtml High Product Manifest specification-title Doxia :: XHTML Module Medium Product pom artifactid doxia-module-xhtml Highest Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-module-xhtml5-1.9.1.jarDescription:
A Doxia module for Xhtml5 source documents.
Xhtml5 format is supported both as source and target formats.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-module-xhtml5\1.9.1\doxia-module-xhtml5-1.9.1.jarMD5: 9d84439a6b22a73e0f898c0de610389fSHA1: a3629e40a290897ec8a14b84ad7e7b2b6eb4e446SHA256: 1025e31c2dfc298e1ecbf1493bd45ce860678ae20f4b88c962c88cbd72d1c0c5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom artifactid doxia-module-xhtml5 Low Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor pom name Doxia :: XHTML5 Module High Vendor jar package name module Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid doxia-modules Low Vendor file name doxia-module-xhtml5 High Vendor pom groupid apache.maven.doxia Highest Product pom parent-artifactid doxia-modules Medium Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product pom name Doxia :: XHTML5 Module High Product jar package name module Highest Product jar package name apache Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product Manifest Implementation-Title Doxia :: XHTML5 Module High Product Manifest specification-title Doxia :: XHTML5 Module Medium Product pom artifactid doxia-module-xhtml5 Highest Product file name doxia-module-xhtml5 High Product pom groupid apache.maven.doxia Highest Version pom version 1.9.1 Highest Version file version 1.9.1 High Version Manifest Implementation-Version 1.9.1 High
doxia-sink-api-1.1.4.jarDescription:
Doxia Sink API. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-sink-api\1.1.4\doxia-sink-api-1.1.4.jarMD5: 013259a0306738f86118c689a66c7aa8SHA1: 06bddcc2ade60de8867997061e214e72cf4b9b1dSHA256: c22a862c1e8ed38242f10999f1d9c59110f0ee4398828e274cc921eba6211f2cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid doxia Low Vendor pom name Doxia :: Sink API High Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor pom artifactid doxia-sink-api Low Vendor file name doxia-sink-api High Vendor jar package name apache Highest Vendor jar package name sink Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.doxia Medium Vendor pom groupid apache.maven.doxia Highest Product pom name Doxia :: Sink API High Product pom artifactid doxia-sink-api Highest Product jar package name doxia Highest Product pom parent-groupid org.apache.maven.doxia Medium Product file name doxia-sink-api High Product jar package name apache Highest Product jar package name sink Highest Product jar package name maven Highest Product Manifest Implementation-Title Doxia :: Sink API High Product pom parent-artifactid doxia Medium Product Manifest specification-title Doxia :: Sink API Medium Product pom groupid apache.maven.doxia Highest Version pom version 1.1.4 Highest Version Manifest Implementation-Version 1.1.4 High Version file version 1.1.4 High
doxia-site-renderer-1.1.4.jarDescription:
The Site Renderer handles the rendering of sites. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\doxia\doxia-site-renderer\1.1.4\doxia-site-renderer-1.1.4.jarMD5: e7388d2ccf4b6a9b0487725a327b5b3bSHA1: eca1027eb69745b0041520e3e4a252dd663527b1SHA256: aa564ef4347af69fe0397f60cdceb44522798fc489ba5b37e03f05aff908eaeaReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name doxia Highest Vendor pom groupid org.apache.maven.doxia Highest Vendor pom parent-artifactid doxia-sitetools Low Vendor pom parent-groupid org.apache.maven.doxia Medium Vendor jar package name apache Highest Vendor pom name Doxia Sitetools :: Site Renderer Component High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom artifactid doxia-site-renderer Low Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.doxia Medium Vendor file name doxia-site-renderer High Vendor pom groupid apache.maven.doxia Highest Product jar package name apache Highest Product pom name Doxia Sitetools :: Site Renderer Component High Product Manifest specification-title Doxia Sitetools :: Site Renderer Component Medium Product Manifest Implementation-Title Doxia Sitetools :: Site Renderer Component High Product pom artifactid doxia-site-renderer Highest Product jar package name doxia Highest Product jar package name maven Highest Product pom parent-groupid org.apache.maven.doxia Medium Product pom parent-artifactid doxia-sitetools Medium Product file name doxia-site-renderer High Product pom groupid apache.maven.doxia Highest Version pom version 1.1.4 Highest Version Manifest Implementation-Version 1.1.4 High Version file version 1.1.4 High
enforcer-api-3.0.0-M3.jarDescription:
This component provides the generic interfaces needed to implement custom rules for the maven-enforcer-plugin.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\enforcer\enforcer-api\3.0.0-M3\enforcer-api-3.0.0-M3.jarMD5: 15dcd90fd581990f400305860048642cSHA1: 984df5598888ef1502be1f60420f3d5a088d7addSHA256: 977fcc0b50cb6bb825299651d0c1e7499a09ae98e744ccf46ed9c32ee743ab33Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.enforcer Highest Vendor file name enforcer-api High Vendor pom parent-groupid org.apache.maven.enforcer Medium Vendor Manifest implementation-url https://maven.apache.org/enforcer/enforcer-api/ Low Vendor jar package name apache Highest Vendor pom groupid apache.maven.enforcer Highest Vendor pom parent-artifactid enforcer Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven.enforcer Medium Vendor jar package name maven Highest Vendor jar package name enforcer Highest Vendor pom name Apache Maven Enforcer API High Vendor pom artifactid enforcer-api Low Product pom parent-artifactid enforcer Medium Product file name enforcer-api High Product pom parent-groupid org.apache.maven.enforcer Medium Product Manifest implementation-url https://maven.apache.org/enforcer/enforcer-api/ Low Product pom artifactid enforcer-api Highest Product Manifest specification-title Apache Maven Enforcer API Medium Product Manifest Implementation-Title Apache Maven Enforcer API High Product jar package name apache Highest Product pom groupid apache.maven.enforcer Highest Product jar package name maven Highest Product jar package name enforcer Highest Product pom name Apache Maven Enforcer API High Version Manifest Implementation-Version 3.0.0-M3 High Version pom version 3.0.0-M3 Highest
enforcer-rules-3.0.0-M3.jarDescription:
This component contains the built-in Enforcer Rules File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\enforcer\enforcer-rules\3.0.0-M3\enforcer-rules-3.0.0-M3.jarMD5: a672b92f48aa2392e688bbe387e97b41SHA1: 2b5956007000d4e9662cf1aabed785cd6423d727SHA256: 3db863d1e77c10178981451f7ba436bd7363dba28fc0a9ba60452ab36fb474a1Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest implementation-url https://maven.apache.org/enforcer/enforcer-rules/ Low Vendor pom groupid org.apache.maven.enforcer Highest Vendor pom parent-groupid org.apache.maven.enforcer Medium Vendor pom artifactid enforcer-rules Low Vendor jar package name apache Highest Vendor pom groupid apache.maven.enforcer Highest Vendor pom parent-artifactid enforcer Low Vendor pom name Apache Maven Enforcer Built-In Rules High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor file name enforcer-rules High Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest Implementation-Vendor-Id org.apache.maven.enforcer Medium Vendor jar package name maven Highest Vendor jar package name enforcer Highest Product Manifest implementation-url https://maven.apache.org/enforcer/enforcer-rules/ Low Product pom parent-artifactid enforcer Medium Product pom parent-groupid org.apache.maven.enforcer Medium Product Manifest Implementation-Title Apache Maven Enforcer Built-In Rules High Product Manifest specification-title Apache Maven Enforcer Built-In Rules Medium Product jar package name apache Highest Product pom groupid apache.maven.enforcer Highest Product pom name Apache Maven Enforcer Built-In Rules High Product file name enforcer-rules High Product jar package name maven Highest Product jar package name enforcer Highest Product pom artifactid enforcer-rules Highest Version Manifest Implementation-Version 3.0.0-M3 High Version pom version 3.0.0-M3 Highest
error_prone_annotations-2.4.0.jarLicense:
Apache 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\google\errorprone\error_prone_annotations\2.4.0\error_prone_annotations-2.4.0.jar
MD5: bac854c25d354c9fd973f73956c06916
SHA1: 32ecccc595e4e4d813a80ee9e3ab5813d65874eb
SHA256: 5f2a0648230a662e8be049df308d583d7369f13af683e44ddf5829b6d741a228
Referenced In Project/Scope: dependency-plugin-tracker:provided
Evidence Type Source Name Value Confidence Vendor Manifest automatic-module-name com.google.errorprone.annotations Medium Vendor pom parent-groupid com.google.errorprone Medium Vendor jar package name google Highest Vendor jar package name errorprone Highest Vendor pom name error-prone annotations High Vendor jar package name annotations Highest Vendor pom parent-artifactid error_prone_parent Low Vendor pom groupid google.errorprone Highest Vendor pom artifactid error_prone_annotations Low Vendor pom groupid com.google.errorprone Highest Vendor file name error_prone_annotations High Product Manifest automatic-module-name com.google.errorprone.annotations Medium Product pom parent-groupid com.google.errorprone Medium Product jar package name google Highest Product jar package name errorprone Highest Product pom parent-artifactid error_prone_parent Medium Product pom name error-prone annotations High Product jar package name annotations Highest Product pom groupid google.errorprone Highest Product file name error_prone_annotations High Product pom artifactid error_prone_annotations Highest Version file version 2.4.0 High Version pom version 2.4.0 Highest
failureaccess-1.0.1.jarDescription:
Contains
com.google.common.util.concurrent.internal.InternalFutureFailureAccess and
InternalFutures. Most users will never need to use this artifact. Its
classes is conceptually a part of Guava, but they're in this separate
artifact so that Android libraries can use them without pulling in all of
Guava (just as they can use ListenableFuture by depending on the
listenablefuture artifact).
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\google\guava\failureaccess\1.0.1\failureaccess-1.0.1.jar
MD5: 091883993ef5bfa91da01dcc8fc52236
SHA1: 1dcf1de382a0bf95a3d8b0849546c88bac1292c9
SHA256: a171ee4c734dd2da837e4b16be9df4661afab72a41adaf31eb84dfdaf936ca26
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid failureaccess Low Vendor file name failureaccess High Vendor jar package name google Highest Vendor Manifest bundle-symbolicname com.google.guava.failureaccess Medium Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor pom parent-artifactid guava-parent Low Vendor jar package name concurrent Highest Vendor jar package name common Highest Vendor pom name Guava InternalFutureFailureAccess and InternalFutures High Vendor pom groupid google.guava Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor pom parent-groupid com.google.guava Medium Vendor jar package name util Highest Vendor pom groupid com.google.guava Highest Product file name failureaccess High Product Manifest Bundle-Name Guava InternalFutureFailureAccess and InternalFutures Medium Product jar package name google Highest Product Manifest bundle-symbolicname com.google.guava.failureaccess Medium Product pom parent-artifactid guava-parent Medium Product Manifest bundle-docurl https://github.com/google/guava/ Low Product jar package name concurrent Highest Product jar package name common Highest Product pom name Guava InternalFutureFailureAccess and InternalFutures High Product pom groupid google.guava Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product pom parent-groupid com.google.guava Medium Product jar package name util Highest Product pom artifactid failureaccess Highest Version file version 1.0.1 High Version pom version 1.0.1 Highest Version pom parent-version 1.0.1 Low Version Manifest Bundle-Version 1.0.1 High
file-management-3.0.0.jarDescription:
API to collect files from a given directory using several include/exclude rules. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\file-management\3.0.0\file-management-3.0.0.jarMD5: 52e384d43eac94eb5111ea3251e06217SHA1: 065d87e03797af7bb5bb199d4d8b50f83cbea3ceSHA256: a37db9f4108b019a96b4fee8c6becaea64a3e755d5d21a904a8549501c7fc065Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Apache Maven File Management API High Vendor jar package name maven Highest Vendor pom artifactid file-management Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor file name file-management High Vendor pom parent-artifactid maven-shared-components Low Product jar package name apache Highest Product pom parent-artifactid maven-shared-components Medium Product pom name Apache Maven File Management API High Product jar package name maven Highest Product pom parent-groupid org.apache.maven.shared Medium Product Manifest Implementation-Title Apache Maven File Management API High Product pom groupid apache.maven.shared Highest Product pom artifactid file-management Highest Product jar package name shared Highest Product file name file-management High Product Manifest specification-title Apache Maven File Management API Medium Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High Version pom parent-version 3.0.0 Low
flexmark-0.42.14.jarDescription:
Core of flexmark-java (implementation of CommonMark for parsing markdown and rendering to HTML) File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark\0.42.14\flexmark-0.42.14.jarMD5: e51158a4276d4353e276ed6d77559979SHA1: 9842fefbaba8640ed844aba4d46359f91729e9ebSHA256: 0f317b4487f1728bd774484294ca2c6bda47222bf6798d2e3180d19fb943176cReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name flexmark-java core High Vendor jar package name flexmark Highest Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark High Vendor jar package name html Highest Vendor pom artifactid flexmark Low Vendor pom parent-artifactid flexmark-java Low Vendor jar package name core Highest Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Product pom name flexmark-java core High Product jar package name flexmark Highest Product jar package name core Highest Product pom artifactid flexmark Highest Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product jar package name flexmark Low Product file name flexmark High Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name html Highest Product jar package name vladsch Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-all-0.42.14.jarDescription:
flexmark-java core and all extension modules and converters File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-all\0.42.14\flexmark-all-0.42.14.jarMD5: 3de7e346dbbda0664e5c0b94c67451b3SHA1: 0a3750727570d1eee516b1d4c1f3e42f8ada513bSHA256: b4b221c5515d70ed258de75e44dd79d851794afd83d223595a4a8bca4fd4647eReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor file name flexmark-all High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom groupid vladsch.flexmark Highest Vendor pom name flexmark-all High Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor pom artifactid flexmark-all Low Product file name flexmark-all High Product pom artifactid flexmark-all Highest Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product pom name flexmark-all High Product pom parent-groupid com.vladsch.flexmark Medium Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-abbreviation-0.42.14.jarDescription:
flexmark-java extension for defining abbreviations and turning appearance of these abbreviations in text into links with titles consisting of the expansion of the abbreviation File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-abbreviation\0.42.14\flexmark-ext-abbreviation-0.42.14.jarMD5: a83c9a54e768adc0380296d370412aaeSHA1: fd18fcd0c69b30388b115fe644a3eb0476e924b5SHA256: 6c11c50d91a73e5ee83e58c25b124acf5fdfcec8006357c100aa5daa1a40a036Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor pom artifactid flexmark-ext-abbreviation Low Vendor jar package name vladsch Low Vendor file name flexmark-ext-abbreviation High Vendor pom parent-artifactid flexmark-java Low Vendor pom name flexmark-java extension for abbreviations in text High Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Vendor jar package name abbreviation Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name abbreviation Low Product file name flexmark-ext-abbreviation High Product pom name flexmark-java extension for abbreviations in text High Product pom artifactid flexmark-ext-abbreviation Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Product jar package name abbreviation Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-admonition-0.42.14.jarDescription:
flexmark-java extension for admonition syntax File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-admonition\0.42.14\flexmark-ext-admonition-0.42.14.jarMD5: f5a981c82fd39ea64c2ba3502084f77cSHA1: 6705da4805d75040b5f113af1296ce1c290002bdSHA256: 1c919c8cb3db778ce63c1cceb121e06492ffc5c2f8cdd1508b6a88d2060d77c7Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name admonition Highest Vendor pom name flexmark-java extension for admonition syntax High Vendor file name flexmark-ext-admonition High Vendor pom artifactid flexmark-ext-admonition Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name admonition Highest Product pom name flexmark-java extension for admonition syntax High Product file name flexmark-ext-admonition High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product pom artifactid flexmark-ext-admonition Highest Product jar package name vladsch Highest Product jar package name admonition Low Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-admonition-0.42.14.jar: admonition.jsFile Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-admonition\0.42.14\flexmark-ext-admonition-0.42.14.jar\admonition.jsMD5: 67e08364cbf8291a4a3ca2960b28a677SHA1: 97a1e2c72bddc908dfb11806390b19ad7e1f1e08SHA256: 65f336194b2553776814e833b4eaa78a60cb66afb223b309746d108a150fbd0aReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence
flexmark-ext-aside-0.42.14.jarDescription:
flexmark-java extension for converting | to aside tags File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-aside\0.42.14\flexmark-ext-aside-0.42.14.jarMD5: 2272ac9ca4f0d86e8f0986cd486ac768SHA1: 74b2971f4ebf31b933a8f540a15b4f48bc76730eSHA256: b568313f16bdeb0338e72d64b32974be18c7abc5ee84331a6db02f04c08ffaaeReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name flexmark-java extension for converting | to aside tags High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name aside Highest Vendor file name flexmark-ext-aside High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor pom artifactid flexmark-ext-aside Low Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product pom name flexmark-java extension for converting | to aside tags High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name aside Low Product jar package name aside Highest Product file name flexmark-ext-aside High Product pom artifactid flexmark-ext-aside Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-attributes-0.42.14.jarDescription:
flexmark-java extension for attributes File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-attributes\0.42.14\flexmark-ext-attributes-0.42.14.jarMD5: e0655612fdda723988ac5313430bc6cfSHA1: 4c72e54679490138b19303c22f31f69af48e3aabSHA256: ee64456a07cf1c06597bede3afccfbdc014688ce66328d863b4cf4055abc8eb0Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name flexmark-java extension for attributes High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-attributes Low Vendor pom parent-artifactid flexmark-java Low Vendor jar package name attributes Highest Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor file name flexmark-ext-attributes High Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product pom name flexmark-java extension for attributes High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name attributes Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product file name flexmark-ext-attributes High Product jar package name vladsch Highest Product pom artifactid flexmark-ext-attributes Highest Product jar package name ext Highest Product jar package name attributes Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-autolink-0.42.14.jarDescription:
flexmark-java extension for turning plain URLs and email addresses into links File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-autolink\0.42.14\flexmark-ext-autolink-0.42.14.jarMD5: 3fd6cba361141a5c31932ceaa9755646SHA1: 3cfe60cb3647db7bad3579d3b02d4ea6cec78541SHA256: 99e84fbccc0d75e476e16d3df4466f666ed5446a1c2e9f382ec1b8fb834def8eReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-autolink Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor file name flexmark-ext-autolink High Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name autolink Highest Vendor jar package name vladsch Highest Vendor jar package name ext Highest Vendor pom name flexmark-java extension for autolinking High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product file name flexmark-ext-autolink High Product jar package name autolink Low Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name autolink Highest Product pom artifactid flexmark-ext-autolink Highest Product jar package name vladsch Highest Product jar package name ext Highest Product pom name flexmark-java extension for autolinking High Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-definition-0.42.14.jarDescription:
flexmark-java extension for definition File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-definition\0.42.14\flexmark-ext-definition-0.42.14.jarMD5: 0d198fcb393922b552f36aa8ee9a541cSHA1: 3ee31461b72186ed8b0bbc45f07b2cba70bb1721SHA256: 28d7739d1e922fbc391942dfc2e4061a65ca864c48577bc82a23fc7576be118eReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name definition Highest Vendor pom name flexmark-java extension for definition High Vendor file name flexmark-ext-definition High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom artifactid flexmark-ext-definition Low Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name definition Highest Product pom name flexmark-java extension for definition High Product file name flexmark-ext-definition High Product pom artifactid flexmark-ext-definition Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name definition Low Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-emoji-0.42.14.jarDescription:
flexmark-java extension for emoji shortcuts using Emoji-Cheat-Sheet.com http://www.emoji-cheat-sheet.com/ File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-emoji\0.42.14\flexmark-ext-emoji-0.42.14.jarMD5: e07e5cb45cbb8b639428ba15b1ce4d27SHA1: 3118723b2fa76dc2c7238652bca7519e31c55b22SHA256: 9aef7c6edf2128731e7a438a4b4c65ed4a39699bd21ff3d2c6cda4805ec0e019Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom name flexmark-java extension for emoji shortcuts High Vendor pom artifactid flexmark-ext-emoji Low Vendor jar package name emoji Highest Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor file name flexmark-ext-emoji High Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product pom name flexmark-java extension for emoji shortcuts High Product jar package name emoji Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product file name flexmark-ext-emoji High Product pom artifactid flexmark-ext-emoji Highest Product jar package name vladsch Highest Product jar package name ext Highest Product jar package name emoji Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-enumerated-reference-0.42.14.jarDescription:
flexmark-java extension for enumerated reference processing File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-enumerated-reference\0.42.14\flexmark-ext-enumerated-reference-0.42.14.jarMD5: 60760a3658078869bec7b293ef662f33SHA1: f9fc520ca7e369a9f8ea70212930f5959b9cb869SHA256: ccbdb429d3bbad3bca0ba1282ba41c48325d3eefff0879c7f0e0623cb0046451Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-enumerated-reference High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom name flexmark-java extension for enumerated reference High Vendor pom artifactid flexmark-ext-enumerated-reference Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name enumerated Highest Vendor jar package name ext Highest Product file name flexmark-ext-enumerated-reference High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product jar package name enumerated Low Product pom groupid vladsch.flexmark Highest Product pom name flexmark-java extension for enumerated reference High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name enumerated Highest Product pom artifactid flexmark-ext-enumerated-reference Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-escaped-character-0.42.14.jarDescription:
flexmark-java extension for escaped_character File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-escaped-character\0.42.14\flexmark-ext-escaped-character-0.42.14.jarMD5: 6eea661b0b3c8bfc907e35ac145b4e78SHA1: f85a79a652c0e393a007b0a229b25b0acb8fc87fSHA256: 2513d4fde1af9fb8a81cbddb1d473807cab07908b0fea9e3b32b628f7b9b4126Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark-ext-escaped-character High Vendor jar package name escaped Highest Vendor pom parent-artifactid flexmark-java Low Vendor pom artifactid flexmark-ext-escaped-character Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Vendor pom name flexmark-java extension for escaped_character High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product file name flexmark-ext-escaped-character High Product jar package name escaped Highest Product jar package name escaped Low Product pom artifactid flexmark-ext-escaped-character Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Product pom name flexmark-java extension for escaped_character High Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-footnotes-0.42.14.jarDescription:
flexmark-java extension for footnote inline elments and footnote definitions File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-footnotes\0.42.14\flexmark-ext-footnotes-0.42.14.jarMD5: b3f6e761a9307710cba1c5ae04f6ddeaSHA1: 37d27c701976e6639f7d085e8cbf1ee1bdac8160SHA256: bc883ca8fa1c0593da7d3e18864315ae5455d72707af335da7d222e79ec96557Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor file name flexmark-ext-footnotes High Vendor pom name flexmark-java extension for footnotes High Vendor pom artifactid flexmark-ext-footnotes Low Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Vendor jar package name footnotes Highest Product jar package name footnotes Low Product file name flexmark-ext-footnotes High Product pom name flexmark-java extension for footnotes High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Product jar package name footnotes Highest Product pom artifactid flexmark-ext-footnotes Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-gfm-issues-0.42.14.jarDescription:
flexmark-java extension for GitHub issue syntax File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-gfm-issues\0.42.14\flexmark-ext-gfm-issues-0.42.14.jarMD5: 6f04b8b01f30ddd647304abb358f1703SHA1: 5ed5f1df0802f1609e4a8e2bed69181b934060b2SHA256: 8c7deb8f8d65addbb7ebc5fb7f1f2b4c145a46a2608f6830318a6c2cd3b56012Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark-ext-gfm-issues High Vendor jar package name gfm Highest Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for GitHub issue syntax High Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor pom artifactid flexmark-ext-gfm-issues Low Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product file name flexmark-ext-gfm-issues High Product jar package name gfm Highest Product pom artifactid flexmark-ext-gfm-issues Highest Product pom name flexmark-java extension for GitHub issue syntax High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Product jar package name gfm Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-gfm-strikethrough-0.42.14.jarDescription:
flexmark-java extension for GFM strikethrough using ~~ (GitHub Flavored Markdown) File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-gfm-strikethrough\0.42.14\flexmark-ext-gfm-strikethrough-0.42.14.jarMD5: 9b01fc335f998e359d3c4f0b0049bfbfSHA1: 8c56ef720733979a687de0c48e1e9d35caab746fSHA256: 141d0056dafb323ece1c75933fd88bdbea7617f94f76cc374ee5c76cd1958904Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor pom name flexmark-java extension for strikethrough High Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-gfm-strikethrough Low Vendor jar package name gfm Highest Vendor file name flexmark-ext-gfm-strikethrough High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product pom name flexmark-java extension for strikethrough High Product jar package name gfm Highest Product file name flexmark-ext-gfm-strikethrough High Product pom artifactid flexmark-ext-gfm-strikethrough Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Product jar package name gfm Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-gfm-tables-0.42.14.jarDescription:
flexmark-java extension for GFM tables using "|" pipes (GitHub Flavored Markdown) File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-gfm-tables\0.42.14\flexmark-ext-gfm-tables-0.42.14.jarMD5: 691d00bdd8a58a042351c5eb94504a19SHA1: d89035f7cb7417b5ce12698240fe4c672fa4b30fSHA256: 808bc5ddbc8936cb31555731f5e9962bf21a164abc11977ef40af049d4b6c4e9Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name gfm Highest Vendor pom name flexmark-java extension for tables High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor pom artifactid flexmark-ext-gfm-tables Low Vendor file name flexmark-ext-gfm-tables High Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name gfm Highest Product pom name flexmark-java extension for tables High Product pom artifactid flexmark-ext-gfm-tables Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product file name flexmark-ext-gfm-tables High Product jar package name vladsch Highest Product jar package name ext Highest Product jar package name gfm Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-gfm-tasklist-0.42.14.jarDescription:
flexmark-java extension to convert bullet list items that start with [ ] to a TaskListItem node File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-gfm-tasklist\0.42.14\flexmark-ext-gfm-tasklist-0.42.14.jarMD5: 76851d6f75fd202dfc29c158cce06fb2SHA1: ae509f9adedbf1ba516d93f69575ac2b5fb083e2SHA256: 1b73d98bee812030d139f90fd7cdb95a6bead5f04a79a5f020d619dc23a47e69Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name flexmark-java extension for generating GitHub style task list items High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name gfm Highest Vendor pom artifactid flexmark-ext-gfm-tasklist Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor file name flexmark-ext-gfm-tasklist High Vendor jar package name ext Highest Product pom name flexmark-java extension for generating GitHub style task list items High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name gfm Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product pom artifactid flexmark-ext-gfm-tasklist Highest Product jar package name vladsch Highest Product file name flexmark-ext-gfm-tasklist High Product jar package name ext Highest Product jar package name gfm Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-gfm-users-0.42.14.jarDescription:
flexmark-java extension for GitHub user syntax File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-gfm-users\0.42.14\flexmark-ext-gfm-users-0.42.14.jarMD5: 16c5facc4c8785ff0ceba2ffd231356aSHA1: 46f0b350624a3fe5c3cae7805619a461e9efbce5SHA256: 625ac18ae795a55bad0d99dcf84385d17c2a5acdc82dbd59ae71553fbe6dad04Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor pom name flexmark-java extension for GitHub user syntax High Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name gfm Highest Vendor pom artifactid flexmark-ext-gfm-users Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor file name flexmark-ext-gfm-users High Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom name flexmark-java extension for GitHub user syntax High Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name gfm Highest Product file name flexmark-ext-gfm-users High Product jar package name flexmark Low Product pom artifactid flexmark-ext-gfm-users Highest Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Product jar package name gfm Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-gitlab-0.42.14.jarDescription:
flexmark-java extension for GitLab Flavoured Markdown File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-gitlab\0.42.14\flexmark-ext-gitlab-0.42.14.jarMD5: d2195b296eab8bdc300acaa5713359a7SHA1: ab7ce25e56620902304f9495d750611f83d4b843SHA256: 9e658f078109772daaae325c28a83abd14f9e733c52967506326aa25ac0612c5Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name gitlab Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark-ext-gitlab High Vendor pom parent-artifactid flexmark-java Low Vendor pom artifactid flexmark-ext-gitlab Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor pom name flexmark-java extension for GitLab Flavoured Markdown High Vendor jar package name ext Highest Product jar package name flexmark Highest Product jar package name gitlab Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name gitlab Low Product file name flexmark-ext-gitlab High Product pom artifactid flexmark-ext-gitlab Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product pom name flexmark-java extension for GitLab Flavoured Markdown High Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-ins-0.42.14.jarDescription:
flexmark-java extension for ins File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-ins\0.42.14\flexmark-ext-ins-0.42.14.jarMD5: e3c5cfcff171ad7fdf5e54c9b4086487SHA1: 60a5de9f2fbd8cac2def83204d1f49e5236623aeSHA256: 5b49b1c81093a6efaef384376c063ff69b019c6e11a21509799bd023aff12e98Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name ins Highest Vendor pom name flexmark-java extension for ins High Vendor file name flexmark-ext-ins High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom artifactid flexmark-ext-ins Low Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name ins Highest Product pom artifactid flexmark-ext-ins Highest Product pom name flexmark-java extension for ins High Product file name flexmark-ext-ins High Product jar package name ins Low Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-jekyll-front-matter-0.42.14.jarDescription:
flexmark-java extension for jekyll_front_matter File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-jekyll-front-matter\0.42.14\flexmark-ext-jekyll-front-matter-0.42.14.jarMD5: 226e5f88e347dcbbd8d45d09bb87e315SHA1: 2a14df9d8e540a5825f584ffc6e4b31a451ee98fSHA256: 6d8ebded61a9667a1daaa47ed0014693204eabb57ee17a4c54e0b677ec1b7d3fReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor pom artifactid flexmark-ext-jekyll-front-matter Low Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom name flexmark-java extension for jekyll_front_matter High Vendor jar package name jekyll Highest Vendor file name flexmark-ext-jekyll-front-matter High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product pom artifactid flexmark-ext-jekyll-front-matter Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product jar package name jekyll Low Product pom groupid vladsch.flexmark Highest Product pom name flexmark-java extension for jekyll_front_matter High Product jar package name jekyll Highest Product file name flexmark-ext-jekyll-front-matter High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-jekyll-tag-0.42.14.jarDescription:
flexmark-java extension for jekyll tag parsing File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-jekyll-tag\0.42.14\flexmark-ext-jekyll-tag-0.42.14.jarMD5: 0a66a65e05e6e164438744105aed3833SHA1: 133380ff82857b6f959a9c63d108c708f0431e54SHA256: 6d648333da0645814d7ad0f2b990770cb051a948ef3aa8e9c7493313b50bb0e3Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name flexmark-java extension for jekyll tag parsing High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark-ext-jekyll-tag High Vendor jar package name jekyll Highest Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor pom artifactid flexmark-ext-jekyll-tag Low Vendor jar package name ext Highest Product pom name flexmark-java extension for jekyll tag parsing High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product jar package name jekyll Low Product pom groupid vladsch.flexmark Highest Product file name flexmark-ext-jekyll-tag High Product pom artifactid flexmark-ext-jekyll-tag Highest Product jar package name jekyll Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-macros-0.42.14.jarDescription:
flexmark-java extension for processing macros File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-macros\0.42.14\flexmark-ext-macros-0.42.14.jarMD5: 49febd0b532c5e2518f200f939e5fc65SHA1: ec86935b44abaa46a13fba825aba0ac7c9e13683SHA256: 9916cd2470331b4f1ec01f830d52d4302ad1b19770ea15250a97658cdd6b8181Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom artifactid flexmark-ext-macros Low Vendor file name flexmark-ext-macros High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name macros Highest Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Vendor pom name flexmark-java extension for processing macros High Product file name flexmark-ext-macros High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom artifactid flexmark-ext-macros Highest Product pom groupid vladsch.flexmark Highest Product jar package name macros Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name macros Low Product jar package name vladsch Highest Product jar package name ext Highest Product pom name flexmark-java extension for processing macros High Version file version 0.42.14 High Version pom version 0.42.14 Highest
Published Vulnerabilities CVE-2018-1000840 suppress
Processing Foundation Processing version 3.4 and earlier contains a XML External Entity (XXE) vulnerability in loadXML() function that can result in An attacker can read arbitrary files and exfiltrate their contents via HTTP requests. This attack appear to be exploitable via The victim must use Processing to parse a crafted XML document. CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions:
flexmark-ext-media-tags-0.42.14.jarDescription:
flexmark-java extension parsing and rendering HTML5 media tags File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-media-tags\0.42.14\flexmark-ext-media-tags-0.42.14.jarMD5: 640e1e07e83beb2d747b889a29c745a8SHA1: 0f07ee11b128e6f96d02befb21602e2855ef2033SHA256: 4181f97ba125999941ec558b51e5e73e7d19fad2880f370393a8f5ee992acee2Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name flexmark-java extension for HTML5 media tags High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor file name flexmark-ext-media-tags High Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name media Highest Vendor jar package name vladsch Highest Vendor pom artifactid flexmark-ext-media-tags Low Vendor jar package name ext Highest Product pom name flexmark-java extension for HTML5 media tags High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product pom artifactid flexmark-ext-media-tags Highest Product jar package name media Low Product file name flexmark-ext-media-tags High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name media Highest Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-superscript-0.42.14.jarDescription:
flexmark-java extension for superscript File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-superscript\0.42.14\flexmark-ext-superscript-0.42.14.jarMD5: 3655e675e51ccedce060b5fce11f0bf4SHA1: 4220bc81fcf31475b74c93e0f5ad0f1daa32e07eSHA256: bd41751827b5359a44bc69ef67c75fbd87057f699a61e1d996f0ad38e61f0f11Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name superscript Highest Vendor file name flexmark-ext-superscript High Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name superscript Low Vendor pom artifactid flexmark-ext-superscript Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for superscript High Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Product pom artifactid flexmark-ext-superscript Highest Product jar package name flexmark Highest Product jar package name superscript Highest Product file name flexmark-ext-superscript High Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product jar package name superscript Low Product jar package name internal Low Product pom name flexmark-java extension for superscript High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-tables-0.42.14.jarDescription:
flexmark-java extension for tables using "|" pipes with optional column spans and table caption File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-tables\0.42.14\flexmark-ext-tables-0.42.14.jarMD5: 9b9b4bd4d06f6457dbeb7acb195dd66bSHA1: 1ddc84b8677a06d511f1e163cb966895754b0e3bSHA256: d33267faac807ed9b3b9cc0eba7964659bbcd32e7a9aaf1c2440fc7377c4da0dReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-tables Low Vendor file name flexmark-ext-tables High Vendor pom name flexmark-java extension for tables High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor jar package name tables Highest Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product pom artifactid flexmark-ext-tables Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product jar package name tables Low Product file name flexmark-ext-tables High Product pom name flexmark-java extension for tables High Product jar package name flexmark Low Product jar package name tables Highest Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-toc-0.42.14.jarDescription:
flexmark-java extension for toc File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-toc\0.42.14\flexmark-ext-toc-0.42.14.jarMD5: 3c75a8e00f4a76dcf4cccaca5904559bSHA1: 8e280d1010420f4f6b3fd9e1968d30b48437aaceSHA256: a2682d036948fc008a1cf765a917d9b64df413bddd12a0f4c3e73d3c1daa4cf6Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name flexmark-java extension for toc High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom artifactid flexmark-ext-toc Low Vendor jar package name toc Highest Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark-ext-toc High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product pom name flexmark-java extension for toc High Product jar package name toc Low Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom artifactid flexmark-ext-toc Highest Product jar package name toc Highest Product pom groupid vladsch.flexmark Highest Product file name flexmark-ext-toc High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-typographic-0.42.14.jarDescription:
flexmark-java extension for typographic File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-typographic\0.42.14\flexmark-ext-typographic-0.42.14.jarMD5: d1fede9d4a9ef9fd1f97d9f5a05e4a5fSHA1: b9559e608ed9f31d1098bac5339badff7a83c4b8SHA256: 423ee0ff4d3656b1eb348e23ac8982540717fbd90474c3b3158daf1fa162a503Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor pom artifactid flexmark-ext-typographic Low Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark-ext-typographic High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor jar package name typographic Highest Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name ext Highest Vendor pom name flexmark-java extension for typographic High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product file name flexmark-ext-typographic High Product jar package name typographic Low Product pom artifactid flexmark-ext-typographic Highest Product jar package name flexmark Low Product jar package name typographic Highest Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name ext Highest Product pom name flexmark-java extension for typographic High Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-wikilink-0.42.14.jarDescription:
flexmark-java extension parsing and rendering wiki links File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-wikilink\0.42.14\flexmark-ext-wikilink-0.42.14.jarMD5: 46de40efb74e2c0273f64cd2b1733fb7SHA1: 7728aff6e4b7499e6e919d02074691b834fbe03bSHA256: a9a0865d7fbd10e6705dcacf846aa5efc242c6e5198b918875a5e72db094607cReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor pom name flexmark-java extension for wiki links High Vendor jar package name vladsch Low Vendor pom artifactid flexmark-ext-wikilink Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor file name flexmark-ext-wikilink High Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name wikilink Highest Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product pom name flexmark-java extension for wiki links High Product jar package name wikilink Low Product jar package name flexmark Low Product file name flexmark-ext-wikilink High Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name wikilink Highest Product jar package name vladsch Highest Product pom artifactid flexmark-ext-wikilink Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
Related Dependencies flexmark-ext-anchorlink-0.42.14.jarFile Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-anchorlink\0.42.14\flexmark-ext-anchorlink-0.42.14.jar MD5: 64ec5eb0aaa2ac4261caf91bb3b83196 SHA1: 5ce9fd060b044cbfe076d93bf852c953d8f3661e SHA256: 49bb421d40d45dad315a68b691ecfee8b80a843bf1626d52b945743a6a656ca1 pkg:maven/com.vladsch.flexmark/flexmark-ext-anchorlink@0.42.14 flexmark-ext-xwiki-macros-0.42.14.jarDescription:
flexmark-java extension for xwiki application specific macros File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-xwiki-macros\0.42.14\flexmark-ext-xwiki-macros-0.42.14.jarMD5: a10bbf160018d2cb41894ffd4e556c17SHA1: f6c537056b4dfd74f69779c47791731d5414de1dSHA256: d96cddc45be4ba3b61f5e4b1e00137ddeef27fc1f9f31f13706a8bffddb5f6dfReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom artifactid flexmark-ext-xwiki-macros Low Vendor file name flexmark-ext-xwiki-macros High Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom name flexmark-java extension for xwiki application specific macros High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name xwiki Highest Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product file name flexmark-ext-xwiki-macros High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product pom name flexmark-java extension for xwiki application specific macros High Product jar package name xwiki Low Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name xwiki Highest Product pom artifactid flexmark-ext-xwiki-macros Highest Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
Published Vulnerabilities CVE-2007-4898 suppress
Unspecified vulnerability in the Multiwiki plugin in XWiki before 1.1 Enterprise RC2 allows remote authenticated users, with administrative access to one wiki in a multiwiki environment, to obtain sensitive information via unknown attack vectors. NOTE: Some of these details are obtained from third party information. Successful exploitation requires administrative privileges of a wiki in a multiwiki setup.
NVD-CWE-noinfo
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:N/AC:H/Au:S/C:P/I:P/A:N References:
Vulnerable Software & Versions:
CVE-2010-4641 suppress
SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. CWE-89 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2010-4642 suppress
Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2018-16277 suppress
The Image Import function in XWiki through 10.7 has XSS. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: LOW (3.5) Vector: /AV:N/AC:M/Au:S/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.4) Vector: /AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions:
CVE-2020-15171 suppress
In XWiki before versions 11.10.5 or 12.2.1, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code execution. The only workaround is to give SCRIPT right only to trusted users. CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: MEDIUM (6.6) Vector: /AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-15252 suppress
In XWiki before version 12.5 and 11.10.6, any user with SCRIPT right (EDIT right before XWiki 7.4) can gain access to the application server Servlet context which contains tools allowing to instantiate arbitrary Java objects and invoke methods that may lead to arbitrary code execution. This is patched in XWiki 12.5 and XWiki 11.10.6. CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: HIGH (9.0) Vector: /AV:N/AC:L/Au:S/C:C/I:C/A:C CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
flexmark-ext-yaml-front-matter-0.42.14.jarDescription:
flexmark-java extension for YAML front matter File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-yaml-front-matter\0.42.14\flexmark-ext-yaml-front-matter-0.42.14.jarMD5: b857ee2e4239d1417060e02c523dfcf5SHA1: 824fea2282551c407251f027d0c9c10cb6d90200SHA256: 211e75e9ea83127840405d115d392aea7eb3a7c04d92d016a1fe2f2032be358fReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name yaml Highest Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom parent-artifactid flexmark-java Low Vendor pom name flexmark-java extension for YAML front matter High Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor file name flexmark-ext-yaml-front-matter High Vendor jar package name vladsch Highest Vendor pom artifactid flexmark-ext-yaml-front-matter Low Vendor jar package name ext Highest Product jar package name yaml Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product pom artifactid flexmark-ext-yaml-front-matter Highest Product jar package name yaml Low Product pom name flexmark-java extension for YAML front matter High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product file name flexmark-ext-yaml-front-matter High Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-ext-youtube-embedded-0.42.14.jarFile Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-ext-youtube-embedded\0.42.14\flexmark-ext-youtube-embedded-0.42.14.jarMD5: ebaab2ed6abd6158b4b2416b8f5b37beSHA1: ed436a9f20bb97de94fb9d110f21b33749202b7bSHA256: 3ffcd2a138bc98579cc46edbae894939ccb9b15bdbf3251b2483edf00ad76756Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name ext Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name youtube Highest Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor pom artifactid flexmark-ext-youtube-embedded Low Vendor file name flexmark-ext-youtube-embedded High Vendor jar package name vladsch Highest Vendor jar package name ext Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name ext Low Product pom groupid vladsch.flexmark Highest Product pom artifactid flexmark-ext-youtube-embedded Highest Product jar package name youtube Highest Product jar package name youtube Low Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product file name flexmark-ext-youtube-embedded High Product jar package name vladsch Highest Product jar package name ext Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-formatter-0.42.14.jarDescription:
flexmark-java extension for formatter File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-formatter\0.42.14\flexmark-formatter-0.42.14.jarMD5: 8914d66068fe55efd3010b6634101a28SHA1: ace562ed441ec52fdff3cd6c375a71262803e8e9SHA256: ef152baa6dbba7bcf814595b1919ecde7d3fae2f98f5b5bb760b9fd3d8384d0aReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name formatter Low Vendor pom groupid vladsch.flexmark Highest Vendor jar package name formatter Highest Vendor jar package name vladsch Low Vendor pom name flexmark-java extension for formatter High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom artifactid flexmark-formatter Low Vendor jar package name flexmark Low Vendor file name flexmark-formatter High Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product jar package name formatter Low Product pom groupid vladsch.flexmark Highest Product jar package name formatter Highest Product pom name flexmark-java extension for formatter High Product jar package name internal Low Product jar package name flexmark Low Product file name flexmark-formatter High Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product pom artifactid flexmark-formatter Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-html-parser-0.42.14.jarDescription:
flexmark-java extension to convert HTML to Markdown File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-html-parser\0.42.14\flexmark-html-parser-0.42.14.jarMD5: d7059783764ae22c9c2626d62fe74163SHA1: dd1fc9a95494d9938e6fff8da659fad0d786ce4bSHA256: 6f7803127310a9f52203a71ed6a38fd06832df57dc5fadd140441982678fbc01Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor jar package name convert Highest Vendor jar package name html Highest Vendor pom name flexmark-java HTML to Markdown High Vendor file name flexmark-html-parser High Vendor pom artifactid flexmark-html-parser Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name convert Low Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product pom artifactid flexmark-html-parser Highest Product jar package name convert Highest Product jar package name html Highest Product pom name flexmark-java HTML to Markdown High Product file name flexmark-html-parser High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name convert Low Product jar package name html Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-jira-converter-0.42.14.jarDescription:
flexmark-java extension for jira_converter File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-jira-converter\0.42.14\flexmark-jira-converter-0.42.14.jarMD5: 8407c0989d3894147966c2e1cfc22336SHA1: b6737fdafe64bb5f705df0947658968c0d3b3847SHA256: 2f0a689a5e34acf54a754fe6bab63ab9f949f7155d130bb257f4284bb9e27fd1Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name converter Highest Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-jira-converter Low Vendor jar package name jira Highest Vendor file name flexmark-jira-converter High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor pom name flexmark-java extension for jira_converter High Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name jira Low Product pom artifactid flexmark-jira-converter Highest Product jar package name flexmark Highest Product jar package name converter Highest Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product jar package name jira Highest Product file name flexmark-jira-converter High Product pom name flexmark-java extension for jira_converter High Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name converter Low Product jar package name jira Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-profile-pegdown-0.42.14.jarDescription:
flexmark-java extension for setting flexmark options by using pegdown extension flags File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-profile-pegdown\0.42.14\flexmark-profile-pegdown-0.42.14.jarMD5: 8260b91949151f997e9f682cb3ce4f33SHA1: 38811ea67ee8674d60a47eb45aef3eb6a2833bb3SHA256: b604e9868583f6fbc2c5ae2e82c8a4fd0613b30f634f3abfcfc211a3b0118f65Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor pom name flexmark-java pegdown profile High Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom artifactid flexmark-profile-pegdown Low Vendor file name flexmark-profile-pegdown High Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name pegdown Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name profiles Low Vendor jar package name vladsch Highest Product jar package name flexmark Highest Product pom name flexmark-java pegdown profile High Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product jar package name pegdown Low Product file name flexmark-profile-pegdown High Product jar package name pegdown Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name profiles Low Product jar package name vladsch Highest Product pom artifactid flexmark-profile-pegdown Highest Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-util-0.42.14.jarDescription:
flexmark-java utility classes File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-util\0.42.14\flexmark-util-0.42.14.jarMD5: 7b5e38b7d09347924a7ce7110b44d9feSHA1: 1edf60f109f64b1d1e866518fd9f44c7077219a5SHA256: c3bf31fd86312df7a0ca2fe686d5c628941872be596c5a0182f39cadd541b76eReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor file name flexmark-util High Vendor jar package name util Low Vendor pom parent-artifactid flexmark-java Low Vendor pom artifactid flexmark-util Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor jar package name vladsch Highest Vendor jar package name util Highest Vendor pom name flexmark-java utilities High Product jar package name flexmark Highest Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product pom artifactid flexmark-util Highest Product jar package name flexmark Low Product file name flexmark-util High Product pom parent-groupid com.vladsch.flexmark Medium Product jar package name vladsch Highest Product jar package name util Highest Product pom name flexmark-java utilities High Product jar package name util Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
flexmark-youtrack-converter-0.42.14.jarDescription:
flexmark-java extension for YouTrack conversion File Path: C:\Users\Jeremy\.m2\repository\com\vladsch\flexmark\flexmark-youtrack-converter\0.42.14\flexmark-youtrack-converter-0.42.14.jarMD5: 4aef1585e0d7966409dcc2d5e91f2846SHA1: 8950afca2f9d60ee10ee7f42db638b47929010d7SHA256: 58293f598b6a5c810ffcb46c3eaeded783a72ddc10371e058acddc7009812ce1Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name flexmark Highest Vendor jar package name converter Highest Vendor pom groupid vladsch.flexmark Highest Vendor jar package name vladsch Low Vendor pom parent-artifactid flexmark-java Low Vendor pom groupid com.vladsch.flexmark Highest Vendor jar package name youtrack Highest Vendor jar package name flexmark Low Vendor pom parent-groupid com.vladsch.flexmark Medium Vendor pom artifactid flexmark-youtrack-converter Low Vendor pom name flexmark-java extension for YouTrack conversion High Vendor file name flexmark-youtrack-converter High Vendor jar package name youtrack Low Vendor jar package name vladsch Highest Product jar package name flexmark Highest Product jar package name converter Highest Product pom parent-artifactid flexmark-java Medium Product pom groupid vladsch.flexmark Highest Product pom artifactid flexmark-youtrack-converter Highest Product jar package name youtrack Highest Product jar package name flexmark Low Product pom parent-groupid com.vladsch.flexmark Medium Product pom name flexmark-java extension for YouTrack conversion High Product file name flexmark-youtrack-converter High Product jar package name youtrack Low Product jar package name vladsch Highest Product jar package name converter Low Version file version 0.42.14 High Version pom version 0.42.14 Highest
formatter-maven-plugin-2.13.0.jarDescription:
Maven plugin for formatting source code License:
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\formatter-maven-plugin\2.13.0\formatter-maven-plugin-2.13.0.jar
MD5: 366d9d713f4d329a89c26f681264d820
SHA1: 30fab3d83214db25efea16283d3b8bfcea8c7479
SHA256: 79a7aeda38e4ca9642a341ffe85b56684dc604c394861c8bc2896068e10364a8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name formatter-maven-plugin High Vendor Manifest build-jdk-spec 15 Low Vendor jar package name net Highest Vendor pom name formatter-maven-plugin High Vendor pom artifactid formatter-maven-plugin Low Vendor pom groupid net.revelc.code.formatter Highest Vendor jar package name formatter Highest Vendor pom url revelc/formatter-maven-plugin/ Highest Vendor jar package name revelc Highest Vendor jar package name code Highest Product file name formatter-maven-plugin High Product Manifest build-jdk-spec 15 Low Product jar package name net Highest Product pom name formatter-maven-plugin High Product pom groupid net.revelc.code.formatter Highest Product pom url revelc/formatter-maven-plugin/ High Product jar package name formatter Highest Product jar package name revelc Highest Product jar package name code Highest Product pom artifactid formatter-maven-plugin Highest Version file version 2.13.0 High Version pom version 2.13.0 Highest
ganymed-ssh2-build210.jarDescription:
Ganymed SSH2 for Java is a library which implements the SSH-2 protocol in pure Java License:
BSD style license: http://www.ganymed.ethz.ch/ssh2/LICENSE.txt File Path: C:\Users\Jeremy\.m2\repository\ch\ethz\ganymed\ganymed-ssh2\build210\ganymed-ssh2-build210.jar
MD5: d898fe406a32b5c55283c719cb48328b
SHA1: b2f81c85a7a2a1b43727d2582710af85c979050b
SHA256: ee53bd7b41e1a45e1a263eca8ebbfc0b7acf4f9c442f4e707710c6599b80fcd5
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name ganymed-ssh2-build210 High Vendor jar package name ssh2 Low Vendor pom groupid ch.ethz.ganymed Highest Vendor jar package name ethz Low Vendor pom name Ganymed SSH2 for Java High Vendor jar package name ch Highest Vendor jar package name ssh2 Highest Vendor pom artifactid ganymed-ssh2 Low Vendor pom url http://www.ganymed.ethz.ch/ssh2/ Highest Vendor jar package name ch Low Vendor jar package name ethz Highest Product file name ganymed-ssh2-build210 High Product jar package name ssh2 Low Product pom groupid ch.ethz.ganymed Highest Product jar package name ethz Low Product pom name Ganymed SSH2 for Java High Product pom artifactid ganymed-ssh2 Highest Product jar package name ch Highest Product jar package name ssh2 Highest Product pom url http://www.ganymed.ethz.ch/ssh2/ Medium Product jar package name ethz Highest Version pom version build210 Highest
git-commit-id-plugin-4.0.3.jarDescription:
This plugin makes basic repository information available through maven resources. This can be used to display
"what version is this?" or "who has deployed this and when, from which branch?" information at runtime, making
it easy to find things like "oh, that isn't deployed yet, I'll test it tomorrow" and making both testers and
developers life easier. See https://github.com/git-commit-id/git-commit-id-maven-plugin
File Path: C:\Users\Jeremy\.m2\repository\pl\project13\maven\git-commit-id-plugin\4.0.3\git-commit-id-plugin-4.0.3.jarMD5: f0daadbbd03a3f6c2144ff6cf33545dfSHA1: 07b3fc31b7ae800d033104eea4950ac8f26d7f6dSHA256: 7f67707a32026df05e356f54ef27c14830d85f1df0d7887414e03bb764c8a489Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name pl Highest Vendor jar package name git Highest Vendor pom artifactid git-commit-id-plugin Low Vendor pom parent-artifactid git-commit-id-plugin-parent Low Vendor file name git-commit-id-plugin High Vendor pom name Git Commit Id Maven Plugin High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom groupid pl.project13.maven Highest Vendor jar package name project13 Highest Product jar package name pl Highest Product jar package name git Highest Product file name git-commit-id-plugin High Product pom artifactid git-commit-id-plugin Highest Product pom name Git Commit Id Maven Plugin High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product pom groupid pl.project13.maven Highest Product pom parent-artifactid git-commit-id-plugin-parent Medium Product jar package name project13 Highest Version file version 4.0.3 High Version pom version 4.0.3 Highest
git-commit-id-plugin-core-4.0.3.jarFile Path: C:\Users\Jeremy\.m2\repository\pl\project13\maven\git-commit-id-plugin-core\4.0.3\git-commit-id-plugin-core-4.0.3.jarMD5: 1e199c33713ff3d0e5846bad10dbaa24SHA1: e1122026101fc9c96275d68d9992fca9902bcdadSHA256: cb457a00d905b0a386a72731459e894dad189653b2d5afeda44b8354cb4f3fb7Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name pl Highest Vendor jar package name git Highest Vendor pom parent-artifactid git-commit-id-plugin-parent Low Vendor jar package name core Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid git-commit-id-plugin-core Low Vendor file name git-commit-id-plugin-core High Vendor pom groupid pl.project13.maven Highest Vendor pom name Git Commit Id Plugin Core High Vendor jar package name project13 Highest Product jar package name pl Highest Product jar package name git Highest Product jar package name core Highest Product Manifest build-jdk-spec 1.8 Low Product file name git-commit-id-plugin-core High Product pom groupid pl.project13.maven Highest Product pom name Git Commit Id Plugin Core High Product pom artifactid git-commit-id-plugin-core Highest Product pom parent-artifactid git-commit-id-plugin-parent Medium Product jar package name project13 Highest Version file version 4.0.3 High Version pom version 4.0.3 Highest
gmbal-4.0.1.jarDescription:
GlassFish MBean Annotation Library License:
EDL 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\gmbal\gmbal\4.0.1\gmbal-4.0.1.jar
MD5: e7b177a936ae62980e95f9621acd6729
SHA1: 517a7283b221161914f344013f830d7c5f8224dc
SHA256: ba88b4a36f4f8a4c6b48f8d49e830590c0541b46d3577084481b7ca5820e8894
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name gmbal High Vendor jar package name impl Low Vendor jar package name gmbal Highest Vendor pom artifactid gmbal Low Vendor pom groupid glassfish.gmbal Highest Vendor pom groupid org.glassfish.gmbal Highest Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor jar package name gmbal Low Vendor jar package name glassfish Highest Vendor pom parent-artifactid project Low Vendor jar package name glassfish Low Vendor pom url https://projects.eclipse.org/projects/ee4j.orb Highest Product file name gmbal High Product jar package name glassfish Highest Product pom artifactid gmbal Highest Product pom parent-artifactid project Medium Product jar package name impl Low Product jar package name gmbal Highest Product pom url https://projects.eclipse.org/projects/ee4j.orb Medium Product pom groupid glassfish.gmbal Highest Product pom parent-groupid org.eclipse.ee4j Medium Product jar package name gmbal Low Version file version 4.0.1 High Version pom parent-version 4.0.1 Low Version pom version 4.0.1 Highest
groovy-3.0.6-indy.jarDescription:
Groovy Runtime File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy\3.0.6\groovy-3.0.6-indy.jarMD5: bbb97835adcd026508ae9d44e395f56bSHA1: a53bfedfd4ce5d8b09eb349ff8b3506f71e99db9SHA256: 0167ce5afa5dc5f7f7bcc93472ed74be079dbe61186fa6d53ce2173c2a1acaf4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest automatic-module-name org.codehaus.groovy Medium Vendor pom groupid org.codehaus.groovy Highest Vendor jar package name codehaus Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest eclipse-buddypolicy dependent Low Vendor Manifest eclipse-extensibleapi true Low Vendor jar package name groovy Low Vendor jar package name apache Highest Vendor file name groovy High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest extension-name groovy Medium Vendor Manifest bundle-symbolicname groovy Medium Vendor jar package name groovy Highest Vendor jar package name codehaus Low Product Manifest specification-title Groovy: a powerful, dynamic language for the JVM Medium Product Manifest Implementation-Title Groovy: a powerful, dynamic language for the JVM High Product Manifest automatic-module-name org.codehaus.groovy Medium Product jar package name codehaus Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom artifactid groovy Highest Product Manifest eclipse-buddypolicy dependent Low Product Manifest Bundle-Name Groovy Runtime Medium Product Manifest eclipse-extensibleapi true Low Product jar package name groovy Low Product jar package name runtime Highest Product file name groovy High Product jar package name version Highest Product Manifest extension-name groovy Medium Product Manifest bundle-symbolicname groovy Medium Product jar package name groovy Highest Version file version 3.0.6 High Version pom version 3.0.6 Highest Version Manifest Implementation-Version 3.0.6 High
Related Dependencies groovy-groovydoc-3.0.6-indy.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy-groovydoc\3.0.6\groovy-groovydoc-3.0.6-indy.jar MD5: 961d42f9e616e6607b3bfa4b0ea73747 SHA1: e6c793ace2e7301459db0c102e02f1dd6f96d37b SHA256: 847f5a125d5beb8eb21efde148d1f03159400e8d11053f9229d9bf98480a8269 pkg:maven/org.codehaus.groovy/groovy-groovydoc@3.0.6 groovy-docgenerator-3.0.6-indy.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy-docgenerator\3.0.6\groovy-docgenerator-3.0.6-indy.jar MD5: 0b9f79b599ae9876f75213ad602549a0 SHA1: 3dcea3dd607c61d8eaad79848a2556b629a07a75 SHA256: e542e63a808f4de59f6cddcac1ed4c1dd5fc04dd34649d823b19a43dc28cd077 pkg:maven/org.codehaus.groovy/groovy-docgenerator@3.0.6 groovy-xml-3.0.6-indy.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy-xml\3.0.6\groovy-xml-3.0.6-indy.jar MD5: fd494fed227c72f004182f1c60e9beac SHA1: 300e5bf4ab7fed634f59ec181705cadf77f03d3b SHA256: 769f04494879ab32896a719d54d1d9a4dfca64509b5a215223dc7609e3a1fe58 pkg:maven/org.codehaus.groovy/groovy-xml@3.0.6 groovy-dateutil-3.0.6-indy.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy-dateutil\3.0.6\groovy-dateutil-3.0.6-indy.jar MD5: 9c36928bee82a9e9642a82faf9ca4c87 SHA1: 4bd637151f73f64547a60f4a011ee35feb75a9b6 SHA256: 02d8ffbbde2f7e5892546049c2b7199e6d94e251ec637ba7e306bb60b3f4fe31 pkg:maven/org.codehaus.groovy/groovy-dateutil@3.0.6 groovy-all-1.7.6.jarDescription:
Groovy: A powerful, dynamic language for the JVM
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy-all\1.7.6\groovy-all-1.7.6.jarMD5: 9ff4cab78c002894f649cf82c533b3ddSHA1: 5f9439657fd8811714db7a7fece9744e63831584SHA256: f1f65456e84e50ccf18aaf86f27e916370642dde90717f2d987a670839ad28c9Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor Manifest specification-vendor The Codehaus Low Vendor pom organization url http://codehaus.org Medium Vendor Manifest Implementation-Vendor The Codehaus High Vendor pom groupid codehaus.groovy Highest Vendor pom url http://groovy.codehaus.org/ Highest Vendor pom groupid org.codehaus.groovy Highest Vendor jar package name codehaus Highest Vendor Manifest eclipse-lazystart true Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest eclipse-buddypolicy dependent Low Vendor Manifest bundle-symbolicname groovy-all Medium Vendor Manifest originally-created-by 20.0-b01 (Sun Microsystems Inc.) Low Vendor Manifest extension-name groovy Medium Vendor pom artifactid groovy-all Low Vendor file name groovy-all High Vendor pom organization name The Codehaus High Vendor jar package name groovy Highest Vendor pom name Groovy High Product pom groupid codehaus.groovy Highest Product Manifest Implementation-Title Groovy: a powerful, dynamic language for the JVM High Product Manifest specification-title Groovy: a powerful, dynamic language for the JVM Medium Product jar package name codehaus Highest Product Manifest eclipse-lazystart true Low Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest eclipse-buddypolicy dependent Low Product Manifest Bundle-Name Groovy Runtime Medium Product jar package name runtime Highest Product pom organization url http://codehaus.org Low Product pom url http://groovy.codehaus.org/ Medium Product Manifest bundle-symbolicname groovy-all Medium Product pom organization name The Codehaus Low Product Manifest originally-created-by 20.0-b01 (Sun Microsystems Inc.) Low Product Manifest extension-name groovy Medium Product file name groovy-all High Product pom artifactid groovy-all Highest Product jar package name groovy Highest Product pom name Groovy High Version Manifest Bundle-Version 1.7.6 High Version pom version 1.7.6 Highest Version Manifest Implementation-Version 1.7.6 High Version file version 1.7.6 High
Published Vulnerabilities CVE-2015-3253 (OSSINDEX) suppress
The MethodClosure class in runtime/MethodClosure.java in Apache Groovy 1.7.0 through 2.4.3 allows remote attackers to execute arbitrary code or cause a denial of service via a crafted serialized object. CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.codehaus.groovy:groovy-all:1.7.6:*:*:*:*:*:*:* CVE-2016-6814 (OSSINDEX) suppress
When an application with unsupported Codehaus versions of Groovy from 1.7.0 to 2.4.3, Apache Groovy 2.4.4 to 2.4.7 on classpath uses standard Java serialization mechanisms, e.g. to communicate between servers or to store local data, it was possible for an attacker to bake a special serialized object that will execute code directly when deserialized. All applications which rely on serialization and do not isolate the code which deserializes objects were subject to this vulnerability. CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.codehaus.groovy:groovy-all:1.7.6:*:*:*:*:*:*:* groovy-ant-3.0.6-indy.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy-ant\3.0.6\groovy-ant-3.0.6-indy.jarMD5: 68bc10d1a4458028e5f523b82993e69bSHA1: 4f9f88bdadb0034c9068077cc0d4d308dba8ce9eSHA256: 680202bcbc896fa5ef67f47c22dc5298bd0ebd5bde1d4e2229f9cf9ab4ebaa6dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.codehaus.groovy Highest Vendor jar package name codehaus Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest bundle-symbolicname groovy-ant Medium Vendor Manifest eclipse-buddypolicy dependent Low Vendor jar package name groovy Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor Manifest automatic-module-name org.codehaus.groovy.ant Medium Vendor file name groovy-ant High Vendor Manifest fragment-host groovy Low Vendor jar package name ant Low Vendor jar package name groovy Highest Vendor jar package name ant Highest Vendor jar package name codehaus Low Product Manifest specification-title Groovy: a powerful, dynamic language for the JVM Medium Product Manifest Implementation-Title Groovy: a powerful, dynamic language for the JVM High Product jar package name codehaus Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest bundle-symbolicname groovy-ant Medium Product Manifest eclipse-buddypolicy dependent Low Product jar package name groovy Low Product Manifest automatic-module-name org.codehaus.groovy.ant Medium Product file name groovy-ant High Product Manifest fragment-host groovy Low Product jar package name ant Low Product jar package name groovy Highest Product jar package name ant Highest Product pom artifactid groovy-ant Highest Version file version 3.0.6 High Version pom version 3.0.6 Highest Version Manifest Implementation-Version 3.0.6 High
groovy-templates-3.0.6-indy.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\groovy\groovy-templates\3.0.6\groovy-templates-3.0.6-indy.jarMD5: 847511f13642147b20bd895a8fb39b82SHA1: 1d40ec0740b6563e206e504ec52cda80a951d32cSHA256: 188ecc69c0f2167e2c692103c254c9c688ddeebab7c96962e79b7af9f918a508Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name text Low Vendor pom groupid org.codehaus.groovy Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name markup Low Vendor Manifest bundle-symbolicname groovy-templates Medium Vendor Manifest eclipse-buddypolicy dependent Low Vendor jar package name groovy Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor file name groovy-templates High Vendor Manifest fragment-host groovy Low Vendor jar package name groovy Highest Vendor Manifest automatic-module-name org.codehaus.groovy.templates Medium Product jar package name text Low Product Manifest specification-title Groovy: a powerful, dynamic language for the JVM Medium Product Manifest Implementation-Title Groovy: a powerful, dynamic language for the JVM High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name markup Low Product Manifest bundle-symbolicname groovy-templates Medium Product Manifest eclipse-buddypolicy dependent Low Product pom artifactid groovy-templates Highest Product file name groovy-templates High Product Manifest fragment-host groovy Low Product jar package name groovy Highest Product Manifest automatic-module-name org.codehaus.groovy.templates Medium Version file version 3.0.6 High Version pom version 3.0.6 Highest Version Manifest Implementation-Version 3.0.6 High
gson-2.8.5.jarDescription:
Gson JSON library File Path: C:\Users\Jeremy\.m2\repository\com\google\code\gson\gson\2.8.5\gson-2.8.5.jarMD5: 089104cb90d8b4e1aa00b1f5faef0742SHA1: f645ed69d595b24d4cf8b3fbb64cc505bede8829SHA256: 233a0149fc365c9f6edbd683cfe266b19bdc773be98eabdaf6b3c924b48e7d81Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid gson-parent Low Vendor pom name Gson High Vendor Manifest bundle-symbolicname com.google.gson Medium Vendor jar package name google Highest Vendor Manifest bundle-contactaddress https://github.com/google/gson Low Vendor pom groupid com.google.code.gson Highest Vendor file name gson High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom artifactid gson Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Vendor pom parent-groupid com.google.code.gson Medium Vendor pom groupid google.code.gson Highest Vendor jar package name gson Highest Product Manifest Bundle-Name Gson Medium Product pom name Gson High Product Manifest bundle-symbolicname com.google.gson Medium Product jar package name google Highest Product Manifest bundle-contactaddress https://github.com/google/gson Low Product file name gson High Product pom parent-artifactid gson-parent Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product Manifest bundle-requiredexecutionenvironment J2SE-1.5, JavaSE-1.6, JavaSE-1.7, JavaSE-1.8 Low Product pom parent-groupid com.google.code.gson Medium Product pom groupid google.code.gson Highest Product pom artifactid gson Highest Product jar package name gson Highest Version pom version 2.8.5 Highest Version file version 2.8.5 High Version Manifest Bundle-Version 2.8.5 High
guava-29.0-jre.jarDescription:
Guava is a suite of core and expanded libraries that include
utility classes, google's collections, io classes, and much
much more.
License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\google\guava\guava\29.0-jre\guava-29.0-jre.jar
MD5: c87962fe0522b105531f37fe351b3b0c
SHA1: 801142b4c3d0f0770dd29abea50906cacfddd447
SHA256: b22c5fb66d61e7b9522531d04b2f915b5158e80aa0b40ee7282c8bfb07b0da25
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid guava Low Vendor file name guava High Vendor jar package name google Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest bundle-docurl https://github.com/google/guava/ Low Vendor pom parent-artifactid guava-parent Low Vendor jar package name common Highest Vendor pom name Guava: Google Core Libraries for Java High Vendor pom groupid google.guava Highest Vendor Manifest automatic-module-name com.google.common Medium Vendor Manifest bundle-symbolicname com.google.guava Medium Vendor pom parent-groupid com.google.guava Medium Vendor pom groupid com.google.guava Highest Product file name guava High Product Manifest Bundle-Name Guava: Google Core Libraries for Java Medium Product jar package name google Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom parent-artifactid guava-parent Medium Product Manifest bundle-docurl https://github.com/google/guava/ Low Product jar package name common Highest Product pom name Guava: Google Core Libraries for Java High Product pom groupid google.guava Highest Product Manifest automatic-module-name com.google.common Medium Product Manifest bundle-symbolicname com.google.guava Medium Product pom parent-groupid com.google.guava Medium Product pom artifactid guava Highest Version pom version 29.0-jre Highest
ha-api-3.1.12.jarDescription:
Eclipse Enterprise for Java (EE4J) is an open source initiative to create standard APIs, implementations of those APIs, and technology compatibility kits for Java runtimes that enable development, deployment, and management of server-side and cloud-native applications. License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\ha\ha-api\3.1.12\ha-api-3.1.12.jar
MD5: b27503044b6423e741dc5c65deb9909a
SHA1: 59fbeca6cc196da8159e4957eabe49f23d1e691a
SHA256: f1d8a01bf2d8c7f6204ba45f39ac54afb6f0c82b2c59bca7cd444aad0ef7193c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name GlassFish High Availability APIs and SPI High Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest require-bundle org.glassfish.hk2.hk2;bundle-version=2.0.5;resolution:=mandatory;visibility:=private Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor pom groupid org.glassfish.ha Highest Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom artifactid ha-api Low Vendor jar package name spi Highest Vendor jar package name glassfish Highest Vendor pom parent-artifactid project Low Vendor Manifest extension-name ha-api Medium Vendor jar package name ha Highest Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor file name ha-api High Vendor jar package name api Highest Vendor Manifest bundle-symbolicname org.glassfish.ha.ha-api Medium Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom groupid glassfish.ha Highest Product Manifest specification-title Eclipse Enterprise for Java (EE4J) is an open source initiative to create standard APIs, implementations of those APIs, and technology compatibility kits for Java runtimes that enable development, deployment, and management of server-side and cloud-native applications. Medium Product pom parent-artifactid project Medium Product pom name GlassFish High Availability APIs and SPI High Product Manifest Implementation-Title ha-api High Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest require-bundle org.glassfish.hk2.hk2;bundle-version=2.0.5;resolution:=mandatory;visibility:=private Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product pom parent-groupid org.eclipse.ee4j Medium Product jar package name spi Highest Product jar package name glassfish Highest Product Manifest extension-name ha-api Medium Product jar package name ha Highest Product Manifest Bundle-Name GlassFish High Availability APIs and SPI Medium Product file name ha-api High Product pom artifactid ha-api Highest Product jar package name api Highest Product Manifest bundle-symbolicname org.glassfish.ha.ha-api Medium Product pom groupid glassfish.ha Highest Version Manifest Bundle-Version 3.1.12 High Version pom version 3.1.12 Highest Version Manifest Implementation-Version 3.1.12 High Version pom parent-version 3.1.12 Low Version file version 3.1.12 High
hamcrest-core-1.1.jarFile Path: C:\Users\Jeremy\.m2\repository\org\hamcrest\hamcrest-core\1.1\hamcrest-core-1.1.jarMD5: b66d0c48e1f1dc54d4227db52512c15bSHA1: 860340562250678d1a344907ac75754e259cdb14SHA256: 0361d1493ff0d94f861359efea91200720635072134792efb7217f6e09d5cffbReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid hamcrest-core Low Vendor jar package name core Highest Vendor jar package name hamcrest Low Vendor pom groupid hamcrest Highest Vendor pom parent-artifactid hamcrest-parent Low Vendor file name hamcrest-core High Vendor pom parent-groupid org.hamcrest Medium Vendor pom groupid org.hamcrest Highest Vendor pom name Hamcrest Core High Vendor jar package name hamcrest Highest Product jar package name core Highest Product pom groupid hamcrest Highest Product pom artifactid hamcrest-core Highest Product file name hamcrest-core High Product pom parent-artifactid hamcrest-parent Medium Product pom parent-groupid org.hamcrest Medium Product pom name Hamcrest Core High Product jar package name hamcrest Highest Version file version 1.1 High Version pom version 1.1 Highest
hibernate-validator-annotation-processor-6.1.5.Final.jarFile Path: C:\Users\Jeremy\.m2\repository\org\hibernate\validator\hibernate-validator-annotation-processor\6.1.5.Final\hibernate-validator-annotation-processor-6.1.5.Final.jarMD5: d85065ea7100d44da92f2a6007d33b52SHA1: 60606008a174e11220b1a34f4ff4fb132a947309SHA256: 0d81c5183441c3d40e8a62f988836e46a64f360338ad99dfcf82587e96b2e34dReferenced In Project/Scope: dependency-plugin-tracker:provided
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor org.hibernate.validator High Vendor Manifest automatic-module-name org.hibernate.validator.annotationprocessor Medium Vendor jar package name hibernate Highest Vendor pom groupid hibernate.validator Highest Vendor pom artifactid hibernate-validator-annotation-processor Low Vendor file name hibernate-validator-annotation-processor High Vendor Manifest implementation-url http://hibernate.org/validator/ Low Vendor hint analyzer vendor redhat Highest Vendor Manifest Implementation-Vendor-Id org.hibernate.validator Medium Vendor pom parent-groupid org.hibernate.validator Medium Vendor pom groupid org.hibernate.validator Highest Vendor pom name Hibernate Validator Annotation Processor High Vendor jar package name validator Highest Vendor pom parent-artifactid hibernate-validator-parent Low Product file name hibernate-validator-annotation-processor High Product Manifest implementation-url http://hibernate.org/validator/ Low Product pom artifactid hibernate-validator-annotation-processor Highest Product Manifest automatic-module-name org.hibernate.validator.annotationprocessor Medium Product Manifest Implementation-Title hibernate-validator-annotation-processor High Product pom parent-groupid org.hibernate.validator Medium Product jar package name hibernate Highest Product pom name Hibernate Validator Annotation Processor High Product jar package name validator Highest Product pom groupid hibernate.validator Highest Product pom parent-artifactid hibernate-validator-parent Medium Version Manifest Implementation-Version 6.1.5.Final High Version pom version 6.1.5.Final Highest
htmlcompressor-1.5.2.jarDescription:
HtmlCompressor is a small, fast and very easy to use Java library that minifies given HTML or XML source by removing extra whitespaces, comments and other unneeded characters without breaking the content structure. As a result pages become smaller in size and load faster. A command-line version of the compressor is also available. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: C:\Users\Jeremy\.m2\repository\com\googlecode\htmlcompressor\htmlcompressor\1.5.2\htmlcompressor-1.5.2.jar
MD5: 303593f65a9ab6b080b111d94f5d6d9f
SHA1: 76e7cf6469239cc5395ac50e1e90ca2c2d28ae63
SHA256: a6cc5e5de05bee74208fd3078fc1faeae54f74ad70ce56ea5f49364c56d2c383
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name HTML Compressor and Minifier High Vendor jar package name googlecode Low Vendor pom organization url http://code.google.com/p/htmlcompressor/ Medium Vendor pom groupid googlecode.htmlcompressor Highest Vendor jar package name htmlcompressor Low Vendor pom artifactid htmlcompressor Low Vendor file name htmlcompressor High Vendor jar package name googlecode Highest Vendor jar package name htmlcompressor Highest Vendor pom groupid com.googlecode.htmlcompressor Highest Vendor pom organization name Sergiy Kovalchuk High Vendor jar package name compressor Highest Vendor pom url http://code.google.com/p/htmlcompressor/ Highest Product jar package name htmlcompressor Low Product pom name HTML Compressor and Minifier High Product file name htmlcompressor High Product jar package name googlecode Highest Product jar package name htmlcompressor Highest Product pom organization name Sergiy Kovalchuk Low Product pom organization url http://code.google.com/p/htmlcompressor/ Low Product pom groupid googlecode.htmlcompressor Highest Product pom artifactid htmlcompressor Highest Product jar package name compressor Highest Product pom url http://code.google.com/p/htmlcompressor/ Medium Version file version 1.5.2 High Version pom version 1.5.2 Highest
htmlcompressor-maven-plugin-1.3.jarDescription:
Maven HTMLCompressor Plugin allows to compress html/xml by adding a few lines to the pom file. License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0 File Path: C:\Users\Jeremy\.m2\repository\com\tunyk\mvn\plugins\htmlcompressor\htmlcompressor-maven-plugin\1.3\htmlcompressor-maven-plugin-1.3.jar
MD5: 464d1cafec2a8665be77a6e17676a759
SHA1: 0ea373e033180cc7c94374243768fdc543a3f999
SHA256: c26349d6d2f4a1fe01cefad1b5463df48c81f88fb00083ae281b3b51d59e320e
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name htmlcompressor-maven-plugin High Vendor pom name Maven HTMLCompressor Plugin High Vendor jar package name plugins Low Vendor pom groupid tunyk.mvn.plugins.htmlcompressor Highest Vendor jar package name mvn Highest Vendor pom url TUNYK/htmlcompressor-maven-plugin Highest Vendor jar package name tunyk Low Vendor pom artifactid htmlcompressor-maven-plugin Low Vendor pom organization url http://tunyk.com/ Medium Vendor pom groupid com.tunyk.mvn.plugins.htmlcompressor Highest Vendor jar package name htmlcompressor Highest Vendor jar package name plugins Highest Vendor pom organization name TUNYK.COM High Vendor jar package name mvn Low Vendor jar package name tunyk Highest Product file name htmlcompressor-maven-plugin High Product pom name Maven HTMLCompressor Plugin High Product pom artifactid htmlcompressor-maven-plugin Highest Product jar package name plugins Low Product pom groupid tunyk.mvn.plugins.htmlcompressor Highest Product pom organization url http://tunyk.com/ Low Product jar package name mvn Highest Product jar package name htmlcompressor Low Product pom url TUNYK/htmlcompressor-maven-plugin High Product jar package name htmlcompressor Highest Product pom organization name TUNYK.COM Low Product jar package name plugins Highest Product jar package name mvn Low Product jar package name tunyk Highest Version file version 1.3 High Version pom version 1.3 Highest
httpclient-4.5.2.jarDescription:
Apache HttpComponents Client
File Path: C:\Users\Jeremy\.m2\repository\org\apache\httpcomponents\httpclient\4.5.2\httpclient-4.5.2.jarMD5: e0a45df625cb96b69505e59bb25a0189SHA1: 733db77aa8d9b2d68015189df76ab06304406e50SHA256: 0dffc621400d6c632f55787d996b8aeca36b30746a716e079a985f24d8074057Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.httpcomponents Medium Vendor jar package name httpclient Highest Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor pom name Apache HttpClient High Vendor file name httpclient High Vendor Manifest url http://hc.apache.org/httpcomponents-client Low Vendor jar package name client Highest Vendor pom artifactid httpclient Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom parent-artifactid httpcomponents-client Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.httpcomponents Highest Vendor Manifest implementation-build tags/4.5.2-RC1/httpclient@r1731537; 2016-02-21 17:03:53+0100 Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom url http://hc.apache.org/httpcomponents-client Highest Product jar package name httpclient Highest Product pom parent-groupid org.apache.httpcomponents Medium Product pom parent-artifactid httpcomponents-client Medium Product pom artifactid httpclient Highest Product pom name Apache HttpClient High Product file name httpclient High Product Manifest url http://hc.apache.org/httpcomponents-client Low Product jar package name client Highest Product pom url http://hc.apache.org/httpcomponents-client Medium Product jar package name apache Highest Product pom groupid apache.httpcomponents Highest Product Manifest specification-title HttpComponents Apache HttpClient Medium Product jar package name http Highest Product Manifest implementation-build tags/4.5.2-RC1/httpclient@r1731537; 2016-02-21 17:03:53+0100 Low Product Manifest Implementation-Title HttpComponents Apache HttpClient High Version file version 4.5.2 High Version Manifest Implementation-Version 4.5.2 High Version pom version 4.5.2 Highest
httpcore-4.4.4.jarDescription:
Apache HttpComponents Core (blocking I/O)
File Path: C:\Users\Jeremy\.m2\repository\org\apache\httpcomponents\httpcore\4.4.4\httpcore-4.4.4.jarMD5: e7776f2b03a4c62d691a90d3c68c93c0SHA1: b31526a230871fbe285fbcbe2813f9c0839ae9b0SHA256: f7bc09dc8a7003822d109634ffd3845d579d12e725ae54673e323a7ce7f5e325Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.httpcomponents Medium Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor pom url http://hc.apache.org/httpcomponents-core-ga Highest Vendor pom artifactid httpcore Low Vendor file name httpcore High Vendor Manifest url http://hc.apache.org/httpcomponents-core-ga Low Vendor Manifest implementation-build tags/4.4.4-RC1/httpcore@r1710658; 2015-10-26 18:15:56+0100 Low Vendor jar package name apache Highest Vendor pom parent-artifactid httpcomponents-core Low Vendor pom name Apache HttpCore High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.httpcomponents Highest Vendor Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Vendor pom groupid org.apache.httpcomponents Highest Product pom parent-groupid org.apache.httpcomponents Medium Product pom parent-artifactid httpcomponents-core Medium Product Manifest Implementation-Title HttpComponents Apache HttpCore High Product Manifest specification-title HttpComponents Apache HttpCore Medium Product file name httpcore High Product pom url http://hc.apache.org/httpcomponents-core-ga Medium Product Manifest url http://hc.apache.org/httpcomponents-core-ga Low Product Manifest implementation-build tags/4.4.4-RC1/httpcore@r1710658; 2015-10-26 18:15:56+0100 Low Product pom artifactid httpcore Highest Product jar package name apache Highest Product pom name Apache HttpCore High Product pom groupid apache.httpcomponents Highest Product Manifest implementation-url http://hc.apache.org/httpcomponents-core-ga Low Product jar package name http Highest Version pom version 4.4.4 Highest Version file version 4.4.4 High Version Manifest Implementation-Version 4.4.4 High
httpmime-4.5.2.jarDescription:
Apache HttpComponents HttpClient - MIME coded entities
File Path: C:\Users\Jeremy\.m2\repository\org\apache\httpcomponents\httpmime\4.5.2\httpmime-4.5.2.jarMD5: 336fa980f7527be719fa997f5df8046fSHA1: 22b4c53dd9b6761024258de8f9240c3dce6ea368SHA256: 231a3f7e4962053db2be8461d5422e68fc458a3a7dd7d8ada803a348e21f8f07Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.httpcomponents Medium Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor file name httpmime High Vendor Manifest url http://hc.apache.org/httpcomponents-client Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom parent-artifactid httpcomponents-client Low Vendor pom name Apache HttpClient Mime High Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.httpcomponents Highest Vendor jar package name mime Highest Vendor pom artifactid httpmime Low Vendor Manifest implementation-build tags/4.5.2-RC1/httpmime@r1731537; 2016-02-21 17:03:53+0100 Low Vendor pom groupid org.apache.httpcomponents Highest Vendor pom url http://hc.apache.org/httpcomponents-client Highest Product pom parent-groupid org.apache.httpcomponents Medium Product pom parent-artifactid httpcomponents-client Medium Product file name httpmime High Product Manifest url http://hc.apache.org/httpcomponents-client Low Product pom artifactid httpmime Highest Product pom url http://hc.apache.org/httpcomponents-client Medium Product jar package name apache Highest Product pom name Apache HttpClient Mime High Product pom groupid apache.httpcomponents Highest Product jar package name mime Highest Product Manifest specification-title HttpComponents Apache HttpClient Mime Medium Product Manifest Implementation-Title HttpComponents Apache HttpClient Mime High Product Manifest implementation-build tags/4.5.2-RC1/httpmime@r1731537; 2016-02-21 17:03:53+0100 Low Product jar package name http Highest Version file version 4.5.2 High Version Manifest Implementation-Version 4.5.2 High Version pom version 4.5.2 Highest
j2objc-annotations-1.3.jarDescription:
A set of annotations that provide additional information to the J2ObjC
translator to modify the result of translation.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\google\j2objc\j2objc-annotations\1.3\j2objc-annotations-1.3.jar
MD5: 5fa4ec4ec0c5aa70af8a7d4922df1931
SHA1: ba035118bc8bac37d7eff77700720999acd9986d
SHA256: 21af30c92267bd6122c0e0b4d20cccb6641a37eaf956c6540ec471d584e64a7b
Referenced In Project/Scope: dependency-plugin-tracker:provided
Evidence Type Source Name Value Confidence Vendor pom artifactid j2objc-annotations Low Vendor jar package name google Low Vendor jar package name j2objc Highest Vendor jar package name google Highest Vendor jar package name annotations Highest Vendor pom groupid com.google.j2objc Highest Vendor pom url google/j2objc/ Highest Vendor pom name J2ObjC Annotations High Vendor jar package name j2objc Low Vendor file name j2objc-annotations High Vendor pom groupid google.j2objc Highest Vendor jar package name annotations Low Product pom url google/j2objc/ High Product jar package name j2objc Highest Product pom name J2ObjC Annotations High Product jar package name google Highest Product jar package name annotations Highest Product pom artifactid j2objc-annotations Highest Product jar package name j2objc Low Product file name j2objc-annotations High Product pom groupid google.j2objc Highest Product jar package name annotations Low Version file version 1.3 High Version pom version 1.3 Highest
jackson-core-2.8.3.jarDescription:
Core Jackson abstractions, basic JSON streaming API implementation License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\fasterxml\jackson\core\jackson-core\2.8.3\jackson-core-2.8.3.jar
MD5: d5171b4313b86154ce722bb078209d6a
SHA1: 5e1dc37c96308851c3ff609c250dc849c4b12022
SHA256: b0e1727f9dbbc0e2d3534456c1d6420b362109cd47c41fabab7997bbb7194d0c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Jackson-core High Vendor jar package name fasterxml Highest Vendor pom url FasterXML/jackson-core Highest Vendor pom artifactid jackson-core Low Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor pom groupid fasterxml.jackson.core Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Vendor jar package name core Highest Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor jar package name jackson Highest Vendor file name jackson-core High Vendor Manifest specification-vendor FasterXML Low Vendor jar package name json Highest Vendor Manifest implementation-build-date 2016-09-18 01:26:20+0000 Low Vendor Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Vendor pom parent-artifactid jackson-parent Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor Manifest Implementation-Vendor FasterXML High Product pom name Jackson-core High Product jar package name fasterxml Highest Product pom parent-artifactid jackson-parent Medium Product Manifest specification-title Jackson-core Medium Product pom groupid fasterxml.jackson.core Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product jar package name core Highest Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-core Medium Product Manifest Implementation-Title Jackson-core High Product jar package name version Highest Product pom parent-groupid com.fasterxml.jackson Medium Product jar package name jackson Highest Product file name jackson-core High Product jar package name json Highest Product Manifest implementation-build-date 2016-09-18 01:26:20+0000 Low Product Manifest bundle-docurl https://github.com/FasterXML/jackson-core Low Product pom artifactid jackson-core Highest Product jar package name filter Highest Product pom url FasterXML/jackson-core High Product Manifest Bundle-Name Jackson-core Medium Version pom parent-version 2.8.3 Low Version pom version 2.8.3 Highest Version file version 2.8.3 High Version Manifest Implementation-Version 2.8.3 High Version Manifest Bundle-Version 2.8.3 High
Related Dependencies jackson-annotations-2.8.3.jarFile Path: C:\Users\Jeremy\.m2\repository\com\fasterxml\jackson\core\jackson-annotations\2.8.3\jackson-annotations-2.8.3.jar MD5: 22f44f0c58a2cc36d4949310a06f85f8 SHA1: c4ed3d7e204b1870f3b72f09bbe68ba1f9a55f57 SHA256: 4aee65071dfd3bbba3476a971ebff8b0d77402f84dd8a0c5f7580d27a7ce611d pkg:maven/com.fasterxml.jackson.core/jackson-annotations@2.8.3 jackson-databind-2.8.3.jarDescription:
General data-binding functionality for Jackson: works on core streaming API License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\fasterxml\jackson\core\jackson-databind\2.8.3\jackson-databind-2.8.3.jar
MD5: 74f5c9530150a823e6cc51f9711ac2b5
SHA1: cea3788c72271d45676ce32c0665991674b24cc5
SHA256: 3e207264b4c1d8235ad048929f34f0a868ebcd7154e0eaeed6c4f7dda3a2b8c5
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid jackson-databind Low Vendor jar package name fasterxml Highest Vendor file name jackson-databind High Vendor Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Vendor Manifest implementation-build-date 2016-09-18 01:29:59+0000 Low Vendor jar package name databind Highest Vendor Manifest Implementation-Vendor-Id com.fasterxml.jackson.core Medium Vendor pom groupid fasterxml.jackson.core Highest Vendor pom url http://github.com/FasterXML/jackson Highest Vendor pom name jackson-databind High Vendor pom parent-groupid com.fasterxml.jackson Medium Vendor jar package name jackson Highest Vendor Manifest specification-vendor FasterXML Low Vendor Manifest bundle-docurl http://github.com/FasterXML/jackson Low Vendor pom parent-artifactid jackson-parent Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor pom groupid com.fasterxml.jackson.core Highest Vendor Manifest Implementation-Vendor FasterXML High Product jar package name fasterxml Highest Product file name jackson-databind High Product Manifest bundle-symbolicname com.fasterxml.jackson.core.jackson-databind Medium Product pom parent-artifactid jackson-parent Medium Product Manifest implementation-build-date 2016-09-18 01:29:59+0000 Low Product Manifest Implementation-Title jackson-databind High Product Manifest specification-title jackson-databind Medium Product pom url http://github.com/FasterXML/jackson Medium Product jar package name databind Highest Product pom groupid fasterxml.jackson.core Highest Product pom name jackson-databind High Product pom parent-groupid com.fasterxml.jackson Medium Product jar package name jackson Highest Product Manifest bundle-docurl http://github.com/FasterXML/jackson Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product pom artifactid jackson-databind Highest Product Manifest Bundle-Name jackson-databind Medium Version pom parent-version 2.8.3 Low Version pom version 2.8.3 Highest Version file version 2.8.3 High Version Manifest Implementation-Version 2.8.3 High Version Manifest Bundle-Version 2.8.3 High
Published Vulnerabilities CVE-2017-15095 suppress
A deserialization flaw was discovered in the jackson-databind in versions before 2.8.10 and 2.9.1, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. This issue extends the previous flaw CVE-2017-7525 by blacklisting more classes that could be used maliciously. \ CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2017-17485 suppress
FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the Spring libraries are available in the classpath. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2017-7525 suppress
A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, which could allow an unauthenticated user to perform code execution by sending the maliciously crafted input to the readValue method of the ObjectMapper. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
BID - 99623 CONFIRM - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html CONFIRM - http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html CONFIRM - http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=1462702 CONFIRM - https://cwiki.apache.org/confluence/display/WW/S2-055 CONFIRM - https://github.com/FasterXML/jackson-databind/issues/1599 CONFIRM - https://github.com/FasterXML/jackson-databind/issues/1723 CONFIRM - https://security.netapp.com/advisory/ntap-20171214-0002/ CONFIRM - https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03902en_us CONFIRM - https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html DEBIAN - DSA-4004 MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html MISC - https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html MLIST - [cassandra-commits] 20191113 [jira] [Created] (CASSANDRA-15416) CVE-2017-7525 ( jackson-databind is vulnerable to Remote Code Execution) on version 3.11.4 MLIST - [debian-lts-announce] 20200131 [SECURITY] [DLA 2091-1] libjackson-json-java security update MLIST - [debian-lts-announce] 20200824 [SECURITY] [DLA 2342-1] libjackson-json-java security update MLIST - [druid-commits] 20191115 [GitHub] [incubator-druid] ccaominh opened a new pull request #8878: Address security vulnerabilities MLIST - [lucene-dev] 20190325 [jira] [Assigned] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... MLIST - [lucene-dev] 20190325 [jira] [Closed] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... MLIST - [lucene-dev] 20190325 [jira] [Resolved] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... MLIST - [lucene-dev] 20190325 [jira] [Updated] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... MLIST - [lucene-dev] 20190325 [jira] [Updated] (SOLR-13110) CVE-2017-7525 Threat Level 9 Against Solr v7.6. org.codehaus.jackson : jackson-mapper-asl : 1.9.13. .A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1, 2.7.9.1 and 2.8.9, ... MLIST - [lucene-solr-user] 20190104 Re: SOLR v7 Security Issues Caused Denial of Use - Sonatype Application Composition Report MLIST - [lucene-solr-user] 20191218 CVE-2017-7525 fix for Solr 7.7.x MLIST - [lucene-solr-user] 20191218 Re: CVE-2017-7525 fix for Solr 7.7.x MLIST - [lucene-solr-user] 20191219 Re: CVE-2017-7525 fix for Solr 7.7.x OSSINDEX - [CVE-2017-7525] Deserialization of Untrusted Data REDHAT - RHSA-2017:1834 REDHAT - RHSA-2017:1835 REDHAT - RHSA-2017:1836 REDHAT - RHSA-2017:1837 REDHAT - RHSA-2017:1839 REDHAT - RHSA-2017:1840 REDHAT - RHSA-2017:2477 REDHAT - RHSA-2017:2546 REDHAT - RHSA-2017:2547 REDHAT - RHSA-2017:2633 REDHAT - RHSA-2017:2635 REDHAT - RHSA-2017:2636 REDHAT - RHSA-2017:2637 REDHAT - RHSA-2017:2638 REDHAT - RHSA-2017:3141 REDHAT - RHSA-2017:3454 REDHAT - RHSA-2017:3455 REDHAT - RHSA-2017:3456 REDHAT - RHSA-2017:3458 REDHAT - RHSA-2018:0294 REDHAT - RHSA-2018:0342 REDHAT - RHSA-2018:1449 REDHAT - RHSA-2018:1450 REDHAT - RHSA-2019:0910 REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:3149 SECTRACK - 1039744 SECTRACK - 1039947 SECTRACK - 1040360 Vulnerable Software & Versions: (show all )
CVE-2018-1000873 suppress
Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation vulnerability in Jackson-Modules-Java8 that can result in Causes a denial-of-service (DoS). This attack appear to be exploitable via The victim deserializes malicious input, specifically very large values in the nanoseconds field of a time value. This vulnerability appears to have been fixed in 2.9.8. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-11307 suppress
An issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.5. Use of Jackson default typing along with a gadget class from iBatis allows exfiltration of content. Fixed in 2.7.9.4, 2.8.11.2, and 2.9.6. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-12022 suppress
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Jodd-db jar (for database access for the Jodd framework) in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.1) Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-12023 suppress
An issue was discovered in FasterXML jackson-databind prior to 2.7.9.4, 2.8.11.2, and 2.9.6. When Default Typing is enabled (either globally or for a specific property), the service has the Oracle JDBC jar in the classpath, and an attacker can provide an LDAP service to access, it is possible to make the service execute a malicious payload. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.1) Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14718 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the slf4j-ext class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14719 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14720 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. CWE-611 Improper Restriction of XML External Entity Reference ('XXE'), CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-14721 suppress
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic deserialization. CWE-918 Server-Side Request Forgery (SSRF)
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (10.0) Vector: /AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-19360 suppress
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the axis2-transport-jms class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-19361 suppress
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-19362 suppress
FasterXML jackson-databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the jboss-common-core class from polymorphic deserialization. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-5968 suppress
FasterXML jackson-databind through 2.8.11 and 2.9.x through 2.9.3 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 and CVE-2017-17485 deserialization flaws. This is exploitable via two different gadgets that bypass a blacklist. CWE-502 Deserialization of Untrusted Data, CWE-184 Incomplete Blacklist
CVSSv2:
Base Score: MEDIUM (5.1) Vector: /AV:N/AC:H/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-7489 suppress
FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readValue method of the ObjectMapper, bypassing a blacklist that is ineffective if the c3p0 libraries are available in the classpath. CWE-502 Deserialization of Untrusted Data, CWE-184 Incomplete Blacklist
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-12086 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint, the service has the mysql-connector-java jar (8.0.14 or earlier) in the classpath, and an attacker can host a crafted MySQL server reachable by the victim, an attacker can send a crafted JSON message that allows them to read arbitrary local files on the server. This occurs because of missing com.mysql.cj.jdbc.admin.MiniAdmin validation. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2019-12384 suppress
FasterXML jackson-databind 2.x before 2.9.9.1 might allow attackers to have a variety of impacts by leveraging failure to block the logback-core class from polymorphic deserialization. Depending on the classpath content, remote code execution may be possible. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N References:
BUGTRAQ - 20191007 [SECURITY] [DSA 4542-1] jackson-databind security update CONFIRM - https://lists.debian.org/debian-lts-announce/2019/06/msg00019.html CONFIRM - https://security.netapp.com/advisory/ntap-20190703-0002/ DEBIAN - DSA-4542 FEDORA - FEDORA-2019-99ff6aa32c FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://blog.doyensec.com/2019/07/22/jackson-gadgets.html MISC - https://doyensec.com/research.html MISC - https://github.com/FasterXML/jackson-databind/compare/74b90a4...a977aad MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [geode-notifications] 20191007 [GitHub] [geode] jmelchio commented on issue #4102: Fix for GEODE-7255: Pickup Jackson CVE fix MLIST - [nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html MLIST - [nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 N/A - N/A OSSINDEX - [CVE-2019-12384] Deserialization of Untrusted Data REDHAT - RHSA-2019:1820 REDHAT - RHSA-2019:2720 REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:2935 REDHAT - RHSA-2019:2936 REDHAT - RHSA-2019:2937 REDHAT - RHSA-2019:2938 REDHAT - RHSA-2019:2998 REDHAT - RHSA-2019:3149 REDHAT - RHSA-2019:3200 REDHAT - RHSA-2019:3292 REDHAT - RHSA-2019:3297 REDHAT - RHSA-2019:3901 REDHAT - RHSA-2019:4352 Vulnerable Software & Versions: (show all )
CVE-2019-12814 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x through 2.9.9. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has JDOM 1.x or 2.x jar in the classpath, an attacker can send a specifically crafted JSON message that allows them to read arbitrary local files on the server. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N References:
CONFIRM - https://github.com/FasterXML/jackson-databind/issues/2341 CONFIRM - https://security.netapp.com/advisory/ntap-20190625-0006/ FEDORA - FEDORA-2019-99ff6aa32c FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [accumulo-commits] 20190723 [accumulo] branch 2.0 updated: Fix CVE-2019-12814 Use jackson-databind 2.9.9.1 MLIST - [cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities MLIST - [debian-lts-announce] 20190621 [SECURITY] [DLA 1831-1] jackson-databind security update MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [geode-notifications] 20191007 [GitHub] [geode] jmelchio commented on issue #4102: Fix for GEODE-7255: Pickup Jackson CVE fix MLIST - [nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html MLIST - [nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [zookeeper-dev] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190623 [jira] [Created] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190623 [jira] [Updated] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190708 [jira] [Commented] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190712 [jira] [Assigned] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190712 [jira] [Commented] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190712 [jira] [Resolved] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-issues] 20190713 [jira] [Updated] (ZOOKEEPER-3441) OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190623 [GitHub] [zookeeper] eolivelli opened a new pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli closed pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190624 [GitHub] [zookeeper] eolivelli commented on issue #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190624 [GitHub] [zookeeper] phunt commented on a change in pull request #1001: ZOOKEEPER-3441 OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt closed pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 MLIST - [zookeeper-notifications] 20190710 [GitHub] [zookeeper] phunt opened a new pull request #1013: ZOOKEEPER-3441: OWASP is flagging jackson-databind-2.9.9.jar for CVE-2019-12814 OSSINDEX - [CVE-2019-12814] Information Exposure REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:2935 REDHAT - RHSA-2019:2936 REDHAT - RHSA-2019:2937 REDHAT - RHSA-2019:2938 REDHAT - RHSA-2019:3044 REDHAT - RHSA-2019:3045 REDHAT - RHSA-2019:3046 REDHAT - RHSA-2019:3050 REDHAT - RHSA-2019:3149 REDHAT - RHSA-2019:3200 REDHAT - RHSA-2019:3292 REDHAT - RHSA-2019:3297 Vulnerable Software & Versions: (show all )
CVE-2019-14379 suppress
SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles default typing when ehcache is used (because of net.sf.ehcache.transaction.manager.DefaultTransactionManagerLookup), leading to remote code execution. CWE-915 Improperly Controlled Modification of Dynamically-Determined Object Attributes
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20190814-0001/ FEDORA - FEDORA-2019-99ff6aa32c FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2 MISC - https://github.com/FasterXML/jackson-databind/issues/2387 MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [ambari-commits] 20190813 [ambari] branch branch-2.7 updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379 (#3066) MLIST - [ambari-commits] 20190813 [ambari] branch trunk updated: AMBARI-25352 : Upgrade fasterxml jackson dependency due to CVE-2019-14379(trunk) (#3067) MLIST - [bookkeeper-issues] 20200729 [GitHub] [bookkeeper] padma81 opened a new issue #2387: Security vulnerabilities in the apache/bookkeeper-4.9.2 image MLIST - [debian-lts-announce] 20190812 [SECURITY] [DLA 1879-1] jackson-databind security update MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] mccheah opened a new pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue closed pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #533: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue merged pull request #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191010 [GitHub] [incubator-iceberg] rdblue opened a new pull request #533: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [iceberg-issues] 20191027 [GitHub] [incubator-iceberg] rdsr commented on issue #535: Update Jackson to 2.9.10 for CVE-2019-14379 MLIST - [pulsar-commits] 20190822 [GitHub] [pulsar] massakam opened a new pull request #5011: [security] Upgrade jackson-databind MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tinkerpop-commits] 20190924 [GitHub] [tinkerpop] justinchuch opened a new pull request #1200: Upgrade jackson due to CVE issues MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 N/A - N/A OSSINDEX - [CVE-2019-14379] SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles de... REDHAT - RHBA-2019:2824 REDHAT - RHSA-2019:2743 REDHAT - RHSA-2019:2858 REDHAT - RHSA-2019:2935 REDHAT - RHSA-2019:2936 REDHAT - RHSA-2019:2937 REDHAT - RHSA-2019:2938 REDHAT - RHSA-2019:2998 REDHAT - RHSA-2019:3044 REDHAT - RHSA-2019:3045 REDHAT - RHSA-2019:3046 REDHAT - RHSA-2019:3050 REDHAT - RHSA-2019:3149 REDHAT - RHSA-2019:3200 REDHAT - RHSA-2019:3292 REDHAT - RHSA-2019:3297 REDHAT - RHSA-2019:3901 REDHAT - RHSA-2020:0727 Vulnerable Software & Versions: (show all )
CVE-2019-14439 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x before 2.9.9.2. This occurs when Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the logback jar in the classpath. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
BUGTRAQ - 20191007 [SECURITY] [DSA 4542-1] jackson-databind security update CONFIRM - https://security.netapp.com/advisory/ntap-20190814-0001/ DEBIAN - DSA-4542 FEDORA - FEDORA-2019-ae6a703b8f FEDORA - FEDORA-2019-fb23eccc03 MISC - https://github.com/FasterXML/jackson-databind/commit/ad418eeb974e357f2797aef64aa0e3ffaaa6125b MISC - https://github.com/FasterXML/jackson-databind/compare/jackson-databind-2.9.9.1...jackson-databind-2.9.9.2 MISC - https://github.com/FasterXML/jackson-databind/issues/2389 MISC - https://www.oracle.com/security-alerts/cpujan2020.html MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html MLIST - [cassandra-commits] 20190919 [jira] [Created] (CASSANDRA-15328) Bump jackson version to >= 2.9.9.3 to address security vulnerabilities MLIST - [debian-lts-announce] 20190812 [SECURITY] [DLA 1879-1] jackson-databind security update MLIST - [drill-dev] 20191017 Dependencies used by Drill contain known vulnerabilities MLIST - [drill-dev] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [drill-issues] 20191021 [jira] [Created] (DRILL-7416) Updates required to dependencies to resolve potential security vulnerabilities MLIST - [nifi-commits] 20191113 svn commit: r1869773 - /nifi/site/trunk/security.html MLIST - [nifi-commits] 20200123 svn commit: r1873083 - /nifi/site/trunk/security.html MLIST - [struts-dev] 20190908 Build failed in Jenkins: Struts-master-JDK8-dependency-check #204 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] asf-ci commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] robert-schaft-hon commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190905 [GitHub] [tomee] rzo1 opened a new pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190906 [GitHub] [tomee] rzo1 commented on issue #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #548: [TOMEE-2655] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 MLIST - [tomee-dev] 20190909 [GitHub] [tomee] jgallimore merged pull request #549: [TOMEE-2655] [7.1.x] Updates jackson-databind to 2.9.9.3 to mitigate CVE-2019-12384, CVE-2019-12814, CVE-2019-14379 and CVE-2019-14439 N/A - N/A OSSINDEX - [CVE-2019-14439] A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x befo... REDHAT - RHSA-2019:3200 Vulnerable Software & Versions: (show all )
CVE-2019-14540 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariConfig. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2019-14892 suppress
A flaw was discovered in jackson-databind in versions before 2.9.10, 2.8.11.5 and 2.6.7.3, where it would permit polymorphic deserialization of a malicious object using commons-configuration 1 and 2 JNDI classes. An attacker could use this flaw to execute arbitrary code. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-14893 suppress
A flaw was discovered in FasterXML jackson-databind in all versions before 2.9.10 and 2.10.0, where it would permit polymorphic deserialization of malicious objects using the xalan JNDI gadget when used in conjunction with polymorphic type handling methods such as `enableDefaultTyping()` or when @JsonTypeInfo is using `Id.CLASS` or `Id.MINIMAL_CLASS` or in any other way which ObjectMapper.readValue might instantiate objects from unsafe sources. An attacker could use this flaw to execute arbitrary code. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2019-16335 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2019-16942 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the commons-dbcp (1.4) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of org.apache.commons.dbcp.datasources.SharedPoolDataSource and org.apache.commons.dbcp.datasources.PerUserPoolDataSource mishandling. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2019-16943 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the p6spy (3.8.6) jar in the classpath, and an attacker can find an RMI service endpoint to access, it is possible to make the service execute a malicious payload. This issue exists because of com.p6spy.engine.spy.P6DataSource mishandling. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2019-17267 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to net.sf.ehcache.hibernate.EhcacheJtaTransactionManagerLookup. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2019-17531 suppress
A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.0.0 through 2.9.10. When Default Typing is enabled (either globally or for a specific property) for an externally exposed JSON endpoint and the service has the apache-log4j-extra (version 1.2.x) jar in the classpath, and an attacker can provide a JNDI service to access, it is possible to make the service execute a malicious payload. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2019-20330 suppress
FasterXML jackson-databind 2.x before 2.9.10.2 lacks certain net.sf.ehcache blocking. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-10672 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.aries.transaction.jms.internal.XaPooledConnectionFactory (aka aries.transaction.jms). NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-10673 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.caucho.config.types.ResourceRef (aka caucho-quercus). NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-10968 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.aoju.bus.proxy.provider.remoting.RmiProvider (aka bus-proxy). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-10969 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to javax.swing.JEditorPane. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-11111 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.activemq.* (aka activemq-jms, activemq-core, activemq-pool, and activemq-pool-jms). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-11112 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.proxy.provider.remoting.RmiProvider (aka apache/commons-proxy). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-11113 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.openjpa.ee.WASRegistryManagedRuntime (aka openjpa). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-11619 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.springframework.aop.config.MethodLocatingFactoryBean (aka spring-aop). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-11620 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.jelly.impl.Embedded (aka commons-jelly). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-14060 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.xalan.lib.sql.JNDIConnectionPool (aka apache/drill). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-14061 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to oracle.jms.AQjmsQueueConnectionFactory, oracle.jms.AQjmsXATopicConnectionFactory, oracle.jms.AQjmsTopicConnectionFactory, oracle.jms.AQjmsXAQueueConnectionFactory, and oracle.jms.AQjmsXAConnectionFactory (aka weblogic/oracle-aqjms). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-14062 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to com.sun.org.apache.xalan.internal.lib.sql.JNDIConnectionPool (aka xalan2). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-14195 suppress
FasterXML jackson-databind 2.x before 2.9.10.5 mishandles the interaction between serialization gadgets and typing, related to org.jsecurity.realm.jndi.JndiRealmFactory (aka org.jsecurity). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-24616 suppress
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPDataSource (aka Anteros-DBCP). CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-24750 suppress
FasterXML jackson-databind 2.x before 2.9.10.6 mishandles the interaction between serialization gadgets and typing, related to com.pastdev.httpcomponents.configuration.JndiConfiguration. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-8840 suppress
FasterXML jackson-databind 2.0.0 through 2.9.10.2 lacks certain xbean-reflect/JNDI blocking, as demonstrated by org.apache.xbean.propertyeditor.JndiConverter. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-9546 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hikari-config). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20200904-0006/ MISC - https://github.com/FasterXML/jackson-databind/issues/2631 MISC - https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E MISC - https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MLIST - [debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 OSSINDEX - [CVE-2020-9546] FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee... Vulnerable Software & Versions:
CVE-2020-9547 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibatis-sqlmap). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20200904-0006/ MISC - https://github.com/FasterXML/jackson-databind/issues/2634 MISC - https://lists.apache.org/thread.html/r4accb2e0de9679174efd3d113a059bab71ff3ec53e882790d21c1cc1@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/r742ef70d126548dcf7de5be5779355c9d76a9aec71d7a9ef02c6398a@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/r893a0104e50c1c2559eb9a5812add28ae8c3e5f43712947a9847ec18@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/ra3e90712f2d59f8cef03fa796f5adf163d32b81fe7b95385f21790e6@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/rc0d5d0f72da1ed6fc5e438b1ddb3fa090c73006b55f873cf845375ab@%3Cnotifications.zookeeper.apache.org%3E MISC - https://lists.apache.org/thread.html/redbe4f1e21bf080f637cf9fbec47729750a2f443a919765360337428@%3Cnotifications.zookeeper.apache.org%3E MISC - https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MLIST - [debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [zookeeper-dev] 20200307 Build failed in Jenkins: PreCommit-ZOOKEEPER-github-pr-build-maven #1898 MLIST - [zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 OSSINDEX - [CVE-2020-9547] FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee... Vulnerable Software & Versions:
CVE-2020-9548 suppress
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
CONFIRM - https://security.netapp.com/advisory/ntap-20200904-0006/ MISC - https://github.com/FasterXML/jackson-databind/issues/2634 MISC - https://medium.com/@cowtowncoder/on-jackson-cves-dont-panic-here-is-what-you-need-to-know-54cd0d6e8062 MISC - https://www.oracle.com/security-alerts/cpujul2020.html MISC - https://www.oracle.com/security-alerts/cpuoct2020.html MLIST - [debian-lts-announce] 20200305 [SECURITY] [DLA 2135-1] jackson-databind security update MLIST - [geode-issues] 20200831 [jira] [Created] (GEODE-8471) Dependency security issues in geode-core-1.12 MLIST - [zookeeper-dev] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Created] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200307 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200308 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Commented] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200319 [jira] [Updated] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 MLIST - [zookeeper-issues] 20200430 [jira] [Resolved] (ZOOKEEPER-3750) update jackson-databind to address CVE-2020-9547, CVE-2020-9548, CVE-2020-9546 OSSINDEX - [CVE-2020-9548] FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction betwee... Vulnerable Software & Versions:
jacoco-maven-plugin-0.8.6.jarDescription:
The JaCoCo Maven Plugin provides the JaCoCo runtime agent to your tests and allows basic report creation. File Path: C:\Users\Jeremy\.m2\repository\org\jacoco\jacoco-maven-plugin\0.8.6\jacoco-maven-plugin-0.8.6.jarMD5: d190fa7e1853945e1a0a3e119e317874SHA1: 04af30f98b121fc97144869ed98bcec45e8fc93cSHA256: cf3bdbca1176f3218b7b09ab6a5b65e37aa53710b50595d69d5ae6dd9fa2d7e9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.jacoco Highest Vendor jar package name jacoco Highest Vendor pom parent-groupid org.jacoco Medium Vendor pom artifactid jacoco-maven-plugin Low Vendor pom groupid jacoco Highest Vendor jar package name maven Highest Vendor pom name JaCoCo :: Maven Plugin High Vendor jar package name maven Low Vendor file name jacoco-maven-plugin High Vendor pom parent-artifactid org.jacoco.build Low Vendor jar package name jacoco Low Product jar package name jacoco Highest Product pom parent-groupid org.jacoco Medium Product pom groupid jacoco Highest Product pom artifactid jacoco-maven-plugin Highest Product jar package name maven Highest Product pom parent-artifactid org.jacoco.build Medium Product pom name JaCoCo :: Maven Plugin High Product jar package name maven Low Product file name jacoco-maven-plugin High Version pom version 0.8.6 Highest Version file version 0.8.6 High
jakarta.activation-1.2.2.jarDescription:
Jakarta Activation License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\activation\jakarta.activation\1.2.2\jakarta.activation-1.2.2.jar
MD5: 0b8bee3bf29b9a015f8b992035581a7c
SHA1: 74548703f9851017ce2f556066659438019e7eb5
SHA256: 02156773e4ae9d048d14a56ad35d644bee9f1052a791d072df3ded3c656e6e1a
Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name Jakarta Activation High Vendor pom groupid sun.activation Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest extension-name jakarta.activation Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=9.0))" Low Vendor jar package name sun Highest Vendor Manifest bundle-symbolicname com.sun.activation.jakarta.activation Medium Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor jar package name activation Highest Vendor pom artifactid jakarta.activation Low Vendor file name jakarta.activation High Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor jar (hint) package name oracle Highest Vendor pom parent-artifactid all Low Vendor pom groupid com.sun.activation Highest Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom parent-groupid com.sun.activation Medium Product pom name Jakarta Activation High Product pom groupid sun.activation Highest Product Manifest Bundle-Name Jakarta Activation Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest extension-name jakarta.activation Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=9.0))" Low Product jar package name sun Highest Product jar package name javax Highest Product Manifest Implementation-Title javax.activation High Product Manifest bundle-symbolicname com.sun.activation.jakarta.activation Medium Product jar package name activation Highest Product file name jakarta.activation High Product Manifest specification-title Jakarta Activation Specification Medium Product pom artifactid jakarta.activation Highest Product pom parent-artifactid all Medium Product pom parent-groupid com.sun.activation Medium Version file version 1.2.2 High Version Manifest Implementation-Version 1.2.2 High Version Manifest Bundle-Version 1.2.2 High Version pom version 1.2.2 Highest
jakarta.annotation-api-1.3.5.jarDescription:
Jakarta Annotations API License:
EPL 2.0: http://www.eclipse.org/legal/epl-2.0
GPL2 w/ CPE: https://www.gnu.org/software/classpath/license.html File Path: C:\Users\Jeremy\.m2\repository\jakarta\annotation\jakarta.annotation-api\1.3.5\jakarta.annotation-api-1.3.5.jar
MD5: 8b165cf58df5f8c2a222f637c0a07c97
SHA1: 59eb84ee0d616332ff44aba065f3888cf002cd2d
SHA256: 85fb03fc054cdf4efca8efd9b6712bbb418e1ab98241c4539c8585bbc23e1b8a
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor file name jakarta.annotation-api High Vendor pom artifactid jakarta.annotation-api Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name annotation Highest Vendor pom groupid jakarta.annotation Highest Vendor Manifest automatic-module-name java.annotation Medium Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor pom parent-artifactid ca-parent Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest bundle-symbolicname jakarta.annotation-api Medium Vendor Manifest extension-name jakarta.annotation Medium Vendor pom url https://projects.eclipse.org/projects/ee4j.ca Highest Vendor Manifest specification-vendor Eclipse Foundation Low Vendor pom name Jakarta Annotations API High Product pom artifactid jakarta.annotation-api Highest Product pom parent-artifactid ca-parent Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product file name jakarta.annotation-api High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom url https://projects.eclipse.org/projects/ee4j.ca Medium Product jar package name annotation Highest Product Manifest automatic-module-name java.annotation Medium Product pom groupid jakarta.annotation Highest Product Manifest Bundle-Name Jakarta Annotations API Medium Product Manifest bundle-symbolicname jakarta.annotation-api Medium Product Manifest extension-name jakarta.annotation Medium Product pom name Jakarta Annotations API High Version Manifest Bundle-Version 1.3.5 High Version Manifest Implementation-Version 1.3.5 High Version file version 1.3.5 High Version pom version 1.3.5 Highest
jakarta.jws-api-2.1.0.jarDescription:
Jakarta Web Services Metadata API License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\jakarta\jws\jakarta.jws-api\2.1.0\jakarta.jws-api-2.1.0.jar
MD5: 9e3bc505722b1e84535d7edb3d582ca1
SHA1: 7d283ef13e49c1422701e30639371edca788c609
SHA256: d4c321f47a72001977fa11d2df408db23bf5f46e954aeb2c6f1ecda4dfef8fd8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest extension-name jakarta.jws Medium Vendor jar package name jws Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.jws-api Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest implementation-build-id 2.1.0-RELEASE-2072849 Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom parent-artifactid project Low Vendor pom artifactid jakarta.jws-api Low Vendor file name jakarta.jws-api High Vendor pom name Jakarta Web Services Metadata API High Vendor pom url eclipse-ee4j/jws-api Highest Vendor Manifest build-jdk-spec 11 Low Vendor pom groupid jakarta.jws Highest Vendor Manifest specification-vendor Eclipse Foundation Low Product pom url eclipse-ee4j/jws-api High Product Manifest extension-name jakarta.jws Medium Product pom parent-artifactid project Medium Product jar package name jws Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest bundle-symbolicname jakarta.jws-api Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest implementation-build-id 2.1.0-RELEASE-2072849 Low Product pom parent-groupid org.eclipse.ee4j Medium Product Manifest Bundle-Name Jakarta Web Services Metadata API Medium Product file name jakarta.jws-api High Product pom name Jakarta Web Services Metadata API High Product Manifest build-jdk-spec 11 Low Product pom artifactid jakarta.jws-api Highest Product pom groupid jakarta.jws Highest Version pom parent-version 2.1.0 Low Version Manifest Bundle-Version 2.1.0 High Version Manifest Implementation-Version 2.1.0 High Version file version 2.1.0 High Version pom version 2.1.0 Highest
jakarta.xml.bind-api-2.3.3.jarDescription:
Jakarta XML Binding API 2.3 Design Specification License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\jakarta\xml\bind\jakarta.xml.bind-api\2.3.3\jakarta.xml.bind-api-2.3.3.jar
MD5: 61286918ca0192e9f87d1358aef718dd
SHA1: 48e3b9cfc10752fba3521d6511f4165bea951801
SHA256: c04539f472e9a6dd0c7685ea82d677282269ab8e7baca2e14500e381e0c6cec5
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name bind Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest extension-name jakarta.xml.bind Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor Manifest bundle-symbolicname jakarta.xml.bind-api Medium Vendor pom artifactid jakarta.xml.bind-api Low Vendor jar package name xml Highest Vendor Manifest multi-release true Low Vendor pom groupid jakarta.xml.bind Highest Vendor Manifest implementation-build-id 2.3.3-RELEASE-fd06b2b Low Vendor pom name Jakarta XML Binding API High Vendor file name jakarta.xml.bind-api High Vendor Manifest build-jdk-spec 11 Low Vendor pom parent-artifactid jakarta.xml.bind-api-parent Low Vendor Manifest specification-vendor Eclipse Foundation Low Product jar package name bind Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest extension-name jakarta.xml.bind Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest bundle-symbolicname jakarta.xml.bind-api Medium Product jar package name xml Highest Product Manifest multi-release true Low Product pom groupid jakarta.xml.bind Highest Product Manifest Bundle-Name Jakarta XML Binding API Medium Product Manifest implementation-build-id 2.3.3-RELEASE-fd06b2b Low Product pom name Jakarta XML Binding API High Product file name jakarta.xml.bind-api High Product Manifest build-jdk-spec 11 Low Product pom parent-artifactid jakarta.xml.bind-api-parent Medium Product pom artifactid jakarta.xml.bind-api Highest Version pom version 2.3.3 Highest Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version file version 2.3.3 High
jakarta.xml.soap-api-1.4.2.jarDescription:
Provides the API for creating and building SOAP messages. License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\jakarta\xml\soap\jakarta.xml.soap-api\1.4.2\jakarta.xml.soap-api-1.4.2.jar
MD5: d19eb8a4a5401296985db733868425e0
SHA1: 4f71fa8ca30be4d04ba658339df3c927fa21209a
SHA256: 0b2e9db574869c09b18e7fe87482be2e4e14b3f3cc8207646595806eede77706
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name soap Highest Vendor Manifest implementation-build-id 1.4.2-RELEASE-27e9ccd Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest extension-name jakarta.xml.soap Medium Vendor Manifest bundle-symbolicname jakarta.xml.soap-api Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom artifactid jakarta.xml.soap-api Low Vendor pom url eclipse-ee4j/saaj-api Highest Vendor jar package name xml Highest Vendor file name jakarta.xml.soap-api High Vendor pom parent-artifactid project Low Vendor pom groupid jakarta.xml.soap Highest Vendor pom name Jakarta SOAP with Attachments API High Vendor Manifest build-jdk-spec 11 Low Vendor Manifest specification-vendor Eclipse Foundation Low Product pom parent-artifactid project Medium Product jar package name soap Highest Product Manifest implementation-build-id 1.4.2-RELEASE-27e9ccd Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest extension-name jakarta.xml.soap Medium Product Manifest bundle-symbolicname jakarta.xml.soap-api Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom parent-groupid org.eclipse.ee4j Medium Product Manifest Bundle-Name Jakarta SOAP with Attachments API Medium Product jar package name xml Highest Product file name jakarta.xml.soap-api High Product pom groupid jakarta.xml.soap Highest Product pom artifactid jakarta.xml.soap-api Highest Product pom name Jakarta SOAP with Attachments API High Product Manifest build-jdk-spec 11 Low Product pom url eclipse-ee4j/saaj-api High Version pom parent-version 1.4.2 Low Version file version 1.4.2 High Version Manifest Implementation-Version 1.4.2 High Version pom version 1.4.2 Highest Version Manifest Bundle-Version 1.4.2 High
jakarta.xml.ws-api-2.3.3.jarDescription:
Jakarta XML Web Services API License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\jakarta\xml\ws\jakarta.xml.ws-api\2.3.3\jakarta.xml.ws-api-2.3.3.jar
MD5: ce470c38b9dbdcb8e505d41d767be748
SHA1: 529fe0136be92861e5a255fbc99146f1943c4332
SHA256: c8e0ba03c47cd5e996fd5d83540caaeab69cd8d531f128318d88e15467d112c1
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid jakarta.xml.ws-api Low Vendor pom groupid jakarta.xml.ws Highest Vendor jar package name ws Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest bundle-symbolicname jakarta.xml.ws-api Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom url eclipse-ee4j/jax-ws-api Highest Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor jar package name xml Highest Vendor pom parent-artifactid project Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor hint analyzer vendor web services Medium Vendor pom name Jakarta XML Web Services API High Vendor Manifest build-jdk-spec 11 Low Vendor Manifest implementation-build-id 2.3.3-RELEASE-126af43 Low Vendor Manifest specification-vendor Eclipse Foundation Low Vendor file name jakarta.xml.ws-api High Vendor Manifest extension-name jakarta.xml.ws Medium Product pom parent-artifactid project Medium Product pom url eclipse-ee4j/jax-ws-api High Product pom groupid jakarta.xml.ws Highest Product Manifest Bundle-Name Jakarta XML Web Services API Medium Product jar package name ws Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest bundle-symbolicname jakarta.xml.ws-api Medium Product hint analyzer product web services Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom parent-groupid org.eclipse.ee4j Medium Product jar package name xml Highest Product pom name Jakarta XML Web Services API High Product pom artifactid jakarta.xml.ws-api Highest Product Manifest build-jdk-spec 11 Low Product Manifest implementation-build-id 2.3.3-RELEASE-126af43 Low Product file name jakarta.xml.ws-api High Product Manifest extension-name jakarta.xml.ws Medium Version pom version 2.3.3 Highest Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version pom parent-version 2.3.3 Low Version file version 2.3.3 High
java-boot-classpath-detector-1.19.jarDescription:
Queries a java home in order to find its boot class path.
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\java-boot-classpath-detector\1.19\java-boot-classpath-detector-1.19.jarMD5: 61aa6df51e9d6b1dfc6bd733ca136411SHA1: 6607df29e2e29cf5bafe17f98cdb81828fdd9aedSHA256: 56b04528fc1c88f0b79c3e7a4d18a287f3c89ba932936f90aa754a34f69f85e8Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mojo Low Vendor jar package name mojo Highest Vendor pom artifactid java-boot-classpath-detector Low Vendor jar package name codehaus Highest Vendor file name java-boot-classpath-detector High Vendor jar package name animal_sniffer Low Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor pom name Java boot classpath detector High Vendor pom groupid codehaus.mojo Highest Vendor jar package name codehaus Low Vendor pom parent-artifactid animal-sniffer-parent Low Product pom name Java boot classpath detector High Product pom groupid codehaus.mojo Highest Product jar package name mojo Low Product pom parent-artifactid animal-sniffer-parent Medium Product pom artifactid java-boot-classpath-detector Highest Product jar package name mojo Highest Product jar package name codehaus Highest Product file name java-boot-classpath-detector High Product jar package name animal_sniffer Low Product pom parent-groupid org.codehaus.mojo Medium Product jar package name jbcpd Low Version file version 1.19 High Version pom version 1.19 Highest
java-ordered-properties-1.0.4.jarDescription:
Alternative to the JDK class java.util.Properties License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\nu\studer\java-ordered-properties\1.0.4\java-ordered-properties-1.0.4.jar
MD5: 7bccb62b3a05117f8f8d2c963f8b8945
SHA1: d7343483a491e2534a99170777e14accbafddbe2
SHA256: 803766d9fecc4112c72b39951e60c2e60156c2b100c3aa11df98b27583ba3eb6
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name studer Low Vendor jar package name nu Low Vendor pom url etiennestuder/java-ordered-properties Highest Vendor jar package name nu Highest Vendor jar package name studer Highest Vendor jar package name java Highest Vendor pom name java-ordered-properties High Vendor pom groupid nu.studer Highest Vendor pom artifactid java-ordered-properties Low Vendor file name java-ordered-properties High Vendor jar package name util Highest Vendor jar package name java Low Product jar package name studer Low Product jar package name nu Highest Product pom url etiennestuder/java-ordered-properties High Product pom artifactid java-ordered-properties Highest Product jar package name studer Highest Product jar package name java Highest Product jar package name util Low Product pom name java-ordered-properties High Product pom groupid nu.studer Highest Product file name java-ordered-properties High Product jar package name util Highest Product jar package name java Low Version pom version 1.0.4 Highest Version file version 1.0.4 High
javaparser-core-3.16.1.jarDescription:
The core parser functionality. This may be all you need. License:
GNU Lesser General Public License: http://www.gnu.org/licenses/lgpl-3.0.html
Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\github\javaparser\javaparser-core\3.16.1\javaparser-core-3.16.1.jar
MD5: ec99871776ee7b9f11f7608980207fab
SHA1: 440e5d7118e50d544418a96873d6322c4b1d5527
SHA256: 2d102b789d6d85849376336491ad8a83bee6e0ac9aecfdcc231dbdf95a12e834
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname com.github.javaparser.javaparser-core Medium Vendor file name javaparser-core High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom parent-artifactid javaparser-parent Low Vendor Manifest automatic-module-name com.github.javaparser.core Medium Vendor pom groupid com.github.javaparser Highest Vendor Manifest bundle-developers matozoid;email="hexagonaal@gmail.com";name="Danny van Bruggen","jgesser@gmail.com";email="jgesser@gmail.com";name="Júlio Vilmar Gesser",sebastiankirsch;email="sebastian.kirsch@immobilienscout24.de";name="Sebastian Kirsch",before;name="André Rouél",SmiddyPence;email="smiddypence@gmail.com";name="Nicholas Smith",ftomassetti;email="federico@tomassetti.me";name="Federico Tomassetti",ptitjes;email="ptitjes@free.fr";name="Didier Villevalois",MysterAitch;name="Roger Howell" Low Vendor pom parent-groupid com.github.javaparser Medium Vendor pom groupid github.javaparser Highest Vendor jar package name javaparser Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor Manifest bundle-docurl https://github.com/javaparser/javaparser-core Low Vendor jar package name github Highest Vendor pom artifactid javaparser-core Low Product pom artifactid javaparser-core Highest Product Manifest bundle-symbolicname com.github.javaparser.javaparser-core Medium Product file name javaparser-core High Product pom parent-artifactid javaparser-parent Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest automatic-module-name com.github.javaparser.core Medium Product Manifest bundle-developers matozoid;email="hexagonaal@gmail.com";name="Danny van Bruggen","jgesser@gmail.com";email="jgesser@gmail.com";name="Júlio Vilmar Gesser",sebastiankirsch;email="sebastian.kirsch@immobilienscout24.de";name="Sebastian Kirsch",before;name="André Rouél",SmiddyPence;email="smiddypence@gmail.com";name="Nicholas Smith",ftomassetti;email="federico@tomassetti.me";name="Federico Tomassetti",ptitjes;email="ptitjes@free.fr";name="Didier Villevalois",MysterAitch;name="Roger Howell" Low Product Manifest Bundle-Name javaparser-core Medium Product pom parent-groupid com.github.javaparser Medium Product pom groupid github.javaparser Highest Product jar package name javaparser Highest Product jar package name version Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest bundle-docurl https://github.com/javaparser/javaparser-core Low Product jar package name github Highest Version pom version 3.16.1 Highest Version Manifest Bundle-Version 3.16.1 High Version file version 3.16.1 High
javax.activation-api-1.2.0.jarDescription:
JavaBeans Activation Framework API jar License:
https://github.com/javaee/activation/blob/master/LICENSE.txt File Path: C:\Users\Jeremy\.m2\repository\javax\activation\javax.activation-api\1.2.0\javax.activation-api-1.2.0.jar
MD5: 5e50e56bcf4a3ef3bc758f69f7643c3b
SHA1: 85262acf3ca9816f9537ca47d5adeabaead7cb16
SHA256: 43fdef0b5b6ceb31b0424b208b930c74ab58fac2ceeb7b3f6fd3aeb8b5ca4393
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid javax.activation Highest Vendor file name javax.activation-api High Vendor Manifest automatic-module-name java.activation Medium Vendor pom name JavaBeans Activation Framework API jar High Vendor Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Vendor jar package name javax Highest Vendor jar package name activation Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest Implementation-Vendor Oracle High Vendor Manifest (hint) specification-vendor sun Low Vendor Manifest Implementation-Vendor-Id com.sun Medium Vendor Manifest extension-name javax.activation Medium Vendor pom parent-artifactid all Low Vendor Manifest bundle-symbolicname javax.activation-api Medium Vendor Manifest specification-vendor Oracle Low Vendor pom artifactid javax.activation-api Low Vendor Manifest (hint) Implementation-Vendor sun High Vendor pom parent-groupid com.sun.activation Medium Product file name javax.activation-api High Product pom groupid javax.activation Highest Product Manifest Implementation-Title javax.activation.javax.activation-api High Product Manifest specification-title javax.activation.javax.activation-api Medium Product pom artifactid javax.activation-api Highest Product Manifest automatic-module-name java.activation Medium Product pom name JavaBeans Activation Framework API jar High Product Manifest originally-created-by 1.8.0_141 (Oracle Corporation) Low Product jar package name javax Highest Product jar package name activation Highest Product Manifest Bundle-Name JavaBeans Activation Framework API jar Medium Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest extension-name javax.activation Medium Product Manifest bundle-symbolicname javax.activation-api Medium Product pom parent-artifactid all Medium Product pom parent-groupid com.sun.activation Medium Version Manifest Bundle-Version 1.2.0 High Version Manifest Implementation-Version 1.2.0 High Version pom version 1.2.0 Highest Version file version 1.2.0 High
javax.inject-1.jarDescription:
The javax.inject API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\javax\inject\javax.inject\1\javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256: 91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name javax Highest Vendor pom artifactid javax.inject Low Vendor pom groupid javax.inject Highest Vendor jar package name inject Low Vendor pom url http://code.google.com/p/atinject/ Highest Vendor pom name javax.inject High Vendor jar package name javax Low Vendor file name javax.inject-1 High Vendor jar package name inject Highest Product jar package name javax Highest Product pom groupid javax.inject Highest Product pom url http://code.google.com/p/atinject/ Medium Product jar package name inject Low Product pom artifactid javax.inject Highest Product pom name javax.inject High Product file name javax.inject-1 High Product jar package name inject Highest Version pom version 1 Highest Version file version 1 Medium
javax.json-1.1.4.jarDescription:
Default provider for JSR 374:Java API for Processing JSON License:
https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\javax.json\1.1.4\javax.json-1.1.4.jar
MD5: ac67218fb9716fec512be8d0d877bde2
SHA1: 943f240a509d3c70b448a55c6735591ecbd37c88
SHA256: 17fdeb7e22375a7fb40bb0551306f6dcf2b5743078668adcdf6c642c9a9ec955
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.glassfish.javax.json Medium Vendor pom url https://javaee.github.io/jsonp Highest Vendor file name javax.json High Vendor jar package name glassfish Highest Vendor pom name JSR 374 (JSON Processing) Default Provider High Vendor jar package name javax Highest Vendor pom artifactid javax.json Low Vendor Manifest automatic-module-name java.json Medium Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest extension-name javax.json Medium Vendor jar package name json Highest Vendor pom parent-groupid org.glassfish Medium Vendor jar package name api Highest Vendor pom groupid org.glassfish Highest Vendor pom groupid glassfish Highest Vendor pom parent-artifactid json Low Product Manifest bundle-symbolicname org.glassfish.javax.json Medium Product pom artifactid javax.json Highest Product file name javax.json High Product jar package name glassfish Highest Product pom name JSR 374 (JSON Processing) Default Provider High Product jar package name javax Highest Product Manifest automatic-module-name java.json Medium Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest extension-name javax.json Medium Product jar package name json Highest Product jar package name api Highest Product pom parent-groupid org.glassfish Medium Product pom parent-artifactid json Medium Product Manifest Bundle-Name JSR 374 (JSON Processing) Default Provider Medium Product pom groupid glassfish Highest Product pom url https://javaee.github.io/jsonp Medium Version pom version 1.1.4 Highest Version Manifest Implementation-Version 1.1.4 High Version file version 1.1.4 High Version Manifest Bundle-Version 1.1.4 High
javax.json-api-1.1.4.jarDescription:
API module of JSR 374:Java API for Processing JSON License:
https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: C:\Users\Jeremy\.m2\repository\javax\json\javax.json-api\1.1.4\javax.json-api-1.1.4.jar
MD5: 6128da383f9a4a45593650fc263a0998
SHA1: c8efa3cfaeee2b05c2dfd54cba21548a081b1746
SHA256: 0bdb79a0a5e0cce2d8d2d339ad53453cdf90045fe34c5e4b19b064bb1aee5876
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url https://javaee.github.io/jsonp Highest Vendor Manifest bundle-symbolicname javax.json-api Medium Vendor pom artifactid javax.json-api Low Vendor jar package name javax Highest Vendor Manifest bundle-docurl http://www.oracle.com Low Vendor Manifest extension-name javax.json Medium Vendor file name javax.json-api High Vendor jar package name json Highest Vendor pom name JSR 374 (JSON Processing) API High Vendor pom parent-groupid org.glassfish Medium Vendor pom groupid javax.json Highest Vendor pom parent-artifactid json Low Product Manifest Bundle-Name JSR 374 (JSON Processing) API Medium Product Manifest bundle-symbolicname javax.json-api Medium Product jar package name javax Highest Product Manifest bundle-docurl http://www.oracle.com Low Product Manifest extension-name javax.json Medium Product file name javax.json-api High Product jar package name json Highest Product pom name JSR 374 (JSON Processing) API High Product pom parent-groupid org.glassfish Medium Product pom parent-artifactid json Medium Product pom groupid javax.json Highest Product pom artifactid javax.json-api Highest Product pom url https://javaee.github.io/jsonp Medium Version pom version 1.1.4 Highest Version Manifest Implementation-Version 1.1.4 High Version file version 1.1.4 High Version Manifest Bundle-Version 1.1.4 High
javax.servlet-api-3.1.0.jarDescription:
Java(TM) Servlet 3.1 API Design Specification License:
CDDL + GPLv2 with classpath exception: https://glassfish.dev.java.net/nonav/public/CDDL+GPL.html File Path: C:\Users\Jeremy\.m2\repository\javax\servlet\javax.servlet-api\3.1.0\javax.servlet-api-3.1.0.jar
MD5: 79de69e9f5ed8c7fcb8342585732bbf7
SHA1: 3cd63d075497751784b2fa84be59432f4905bf7c
SHA256: af456b2dd41c4e82cf54f3e743bc678973d9fe35bd4d3071fa05c7e5333b8482
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid javax.servlet Highest Vendor jar package name servlet Highest Vendor pom parent-groupid net.java Medium Vendor file name javax.servlet-api High Vendor Manifest Implementation-Vendor GlassFish Community High Vendor pom organization name GlassFish Community High Vendor Manifest bundle-docurl https://glassfish.dev.java.net Low Vendor jar package name javax Highest Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor Manifest extension-name javax.servlet Medium Vendor pom organization url https://glassfish.dev.java.net Medium Vendor pom name Java Servlet API High Vendor pom url http://servlet-spec.java.net Highest Vendor pom artifactid javax.servlet-api Low Vendor Manifest bundle-symbolicname javax.servlet-api Medium Vendor pom parent-artifactid jvnet-parent Low Product jar package name servlet Highest Product pom groupid javax.servlet Highest Product pom artifactid javax.servlet-api Highest Product pom parent-groupid net.java Medium Product pom organization url https://glassfish.dev.java.net Low Product file name javax.servlet-api High Product Manifest bundle-docurl https://glassfish.dev.java.net Low Product jar package name javax Highest Product pom url http://servlet-spec.java.net Medium Product Manifest Bundle-Name Java Servlet API Medium Product pom organization name GlassFish Community Low Product Manifest extension-name javax.servlet Medium Product pom name Java Servlet API High Product pom parent-artifactid jvnet-parent Medium Product Manifest bundle-symbolicname javax.servlet-api Medium Version file version 3.1.0 High Version pom parent-version 3.1.0 Low Version Manifest Bundle-Version 3.1.0 High Version Manifest Implementation-Version 3.1.0 High Version pom version 3.1.0 Highest
jaxb-api-2.3.1.jarDescription:
JAXB (JSR 222) API License:
https://oss.oracle.com/licenses/CDDL+GPL-1.1, https://oss.oracle.com/licenses/CDDL+GPL-1.1 File Path: C:\Users\Jeremy\.m2\repository\javax\xml\bind\jaxb-api\2.3.1\jaxb-api-2.3.1.jar
MD5: bcf270d320f645ad19f5edb60091e87f
SHA1: 8531ad5ac454cc2deb9d4d32c40c4d7451939b5d
SHA256: 88b955a0df57880a26a74708bc34f74dcaf8ebf4e78843a28b50eae945732b06
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid jaxb-api-parent Low Vendor Manifest bundle-symbolicname jaxb-api Medium Vendor jar package name bind Highest Vendor Manifest extension-name javax.xml.bind Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version>=1.8))" Low Vendor file name jaxb-api High Vendor jar package name xml Highest Vendor Manifest multi-release true Low Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor jar package name javax Highest Vendor Manifest Implementation-Vendor-Id org.glassfish Medium Vendor Manifest specification-vendor Oracle Corporation Low Vendor pom artifactid jaxb-api Low Vendor pom groupid javax.xml.bind Highest Vendor Manifest implementation-build-id UNKNOWN-7de2ca118a0cfc4a373872915aef59148dff5f93, 2018-09-12T06:28:43-0700 Low Vendor Manifest bundle-docurl http://www.oracle.com/ Low Vendor jar package name jaxb Highest Product Manifest bundle-symbolicname jaxb-api Medium Product jar package name bind Highest Product Manifest extension-name javax.xml.bind Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version>=1.8))" Low Product file name jaxb-api High Product jar package name xml Highest Product Manifest multi-release true Low Product jar package name javax Highest Product pom artifactid jaxb-api Highest Product Manifest specification-title jaxb-api Medium Product Manifest Bundle-Name jaxb-api Medium Product pom parent-artifactid jaxb-api-parent Medium Product Manifest implementation-build-id UNKNOWN-7de2ca118a0cfc4a373872915aef59148dff5f93, 2018-09-12T06:28:43-0700 Low Product pom groupid javax.xml.bind Highest Product Manifest bundle-docurl http://www.oracle.com/ Low Product jar package name jaxb Highest Version Manifest Bundle-Version 2.3.1 High Version pom version 2.3.1 Highest Version file version 2.3.1 High
jaxb-impl-2.3.3.jarDescription:
Old JAXB Runtime module. Contains sources required for runtime processing. License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-impl\2.3.3\jaxb-impl-2.3.3.jar
MD5: 8f59ab4ced2bb2e3a732e924852fac98
SHA1: 3758e8c1664979749e647a9ca8c7ea1cd83c9b1e
SHA256: e5178d0c7948247f75a13c689bf36f4d5d4910a121f712aa3b20ae94377069d8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname com.sun.xml.bind.jaxb-impl Medium Vendor Manifest git-revision 60e0433 Low Vendor jar package name bind Highest Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor file name jaxb-impl High Vendor jar package name com Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name sun Highest Vendor Manifest multi-release true Low Vendor jar package name xml Highest Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom parent-artifactid jaxb-bundles Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom groupid sun.xml.bind Highest Vendor pom groupid com.sun.xml.bind Highest Vendor jar (hint) package name oracle Highest Vendor pom artifactid jaxb-impl Low Vendor pom name Old JAXB Runtime High Product Manifest bundle-symbolicname com.sun.xml.bind.jaxb-impl Medium Product Manifest git-revision 60e0433 Low Product jar package name bind Highest Product Manifest specification-title Jakarta XML Binding Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product file name jaxb-impl High Product jar package name com Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name sun Highest Product pom artifactid jaxb-impl Highest Product jar package name xml Highest Product Manifest multi-release true Low Product pom parent-artifactid jaxb-bundles Medium Product Manifest Implementation-Title Jakarta XML Binding Implementation High Product pom parent-groupid com.sun.xml.bind.mvn Medium Product Manifest Bundle-Name Old JAXB Runtime Medium Product pom groupid sun.xml.bind Highest Product pom name Old JAXB Runtime High Version pom version 2.3.3 Highest Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version file version 2.3.3 High Version Manifest major-version 2.3.3 Medium Version Manifest build-id 2.3.3 Medium
jaxb-impl-2.3.3.jar (shaded: com.sun.istack:istack-commons-runtime:3.0.11)File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-impl\2.3.3\jaxb-impl-2.3.3.jar\META-INF/maven/com.sun.istack/istack-commons-runtime/pom.xmlMD5: 2cf61b2d9ed8b708932ba4d2bdd53025SHA1: 1c4b0f15c5b1aeb7ba30ba0f6a21c10ee112d2b2SHA256: ae1c070432a8cc35b92960758175014e991193af982e0ad083e40885611d7e94Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid istack-commons Low Vendor pom artifactid istack-commons-runtime Low Vendor pom name istack common utility code runtime High Vendor pom groupid sun.istack Highest Vendor pom parent-groupid com.sun.istack Medium Product pom parent-artifactid istack-commons Medium Product pom name istack common utility code runtime High Product pom groupid sun.istack Highest Product pom parent-groupid com.sun.istack Medium Product pom artifactid istack-commons-runtime Highest Version pom version 3.0.11 Highest
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.3.3)Description:
JAXB (JSR 222) Reference Implementation File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-impl\2.3.3\jaxb-impl-2.3.3.jar\META-INF/maven/org.glassfish.jaxb/jaxb-runtime/pom.xmlMD5: 7612c04cd616dd6d2a471427a3b87518SHA1: 2efabedb3f95d04c4b1aa6c71beb16d6d1283f95SHA256: 92dfe5a3925a9194f0a348ca7a4d5ae7dc64fca79ceab5bcd04ef947f42f36f4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom artifactid jaxb-runtime Low Vendor pom name JAXB Runtime High Vendor pom parent-artifactid jaxb-runtime-parent Low Vendor pom groupid glassfish.jaxb Highest Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom parent-artifactid jaxb-runtime-parent Medium Product pom artifactid jaxb-runtime Highest Product pom name JAXB Runtime High Product pom groupid glassfish.jaxb Highest Version pom version 2.3.3 Highest
jaxb-impl-2.3.3.jar (shaded: org.glassfish.jaxb:txw2:2.3.3)Description:
TXW is a library that allows you to write XML documents.
File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-impl\2.3.3\jaxb-impl-2.3.3.jar\META-INF/maven/org.glassfish.jaxb/txw2/pom.xmlMD5: d500c9f1fa5827030d0ecee5e5b8122bSHA1: 69002631b1dd2c1205c099feaca71689090e3fa1SHA256: 578621ff5ae4feaf6e41c3e0575ba67db3aa57aeb70ed68611795cddfb4b577fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom name TXW2 Runtime High Vendor pom parent-artifactid jaxb-txw-parent Low Vendor pom artifactid txw2 Low Vendor pom groupid glassfish.jaxb Highest Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom name TXW2 Runtime High Product pom artifactid txw2 Highest Product pom parent-artifactid jaxb-txw-parent Medium Product pom groupid glassfish.jaxb Highest Version pom version 2.3.3 Highest
jaxb-jxc-2.3.3.jarDescription:
Old JAXB schema generator.The *tool* to generate XML schema based on java classes.
License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-jxc\2.3.3\jaxb-jxc-2.3.3.jar
MD5: d7254593b9d760665ae6478b527ef028
SHA1: f6084b9b7025d52d423c4e51db4b46a842d82170
SHA256: a6e31082e268a68e9fdc4fa2352360c57708e21aeadc3264974dafd12b00aa65
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name JAXB JXC High Vendor Manifest git-revision 60e0433 Low Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest bundle-symbolicname com.sun.xml.bind.jaxb-jxc Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor jar package name jxc Highest Vendor jar package name com Highest Vendor pom parent-artifactid jaxb-parent Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name sun Highest Vendor pom name Old JAXB JXC High Vendor Manifest multi-release true Low Vendor pom artifactid jaxb-jxc Low Vendor pom groupid glassfish.jaxb Highest Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom parent-artifactid jaxb-bundles Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor file name jaxb-jxc High Vendor pom groupid sun.xml.bind Highest Vendor pom groupid com.sun.xml.bind Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-activationpolicy lazy Low Product pom name JAXB JXC High Product Manifest git-revision 60e0433 Low Product Manifest bundle-symbolicname com.sun.xml.bind.jaxb-jxc Medium Product Manifest specification-title Jakarta XML Binding Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product jar package name jxc Highest Product pom parent-artifactid jaxb-parent Medium Product jar package name com Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name sun Highest Product pom name Old JAXB JXC High Product Manifest multi-release true Low Product pom parent-artifactid jaxb-bundles Medium Product pom groupid glassfish.jaxb Highest Product Manifest Implementation-Title Jakarta XML Binding Implementation High Product pom parent-groupid com.sun.xml.bind.mvn Medium Product file name jaxb-jxc High Product pom groupid sun.xml.bind Highest Product Manifest bundle-activationpolicy lazy Low Product pom artifactid jaxb-jxc Highest Product Manifest Bundle-Name Old JAXB JXC Medium Version pom version 2.3.3 Highest Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version file version 2.3.3 High Version Manifest major-version 2.3.3 Medium Version Manifest build-id 2.3.3 Medium
jaxb-xjc-2.3.3.jarDescription:
Old JAXB Binding Compiler. Contains source code needed for binding customization files into java sources.
In other words: the *tool* to generate java classes for the given xml representation.
License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.3.3\jaxb-xjc-2.3.3.jar
MD5: 4658157c583ed6f4230e2b88dc1dd400
SHA1: 77e5784f53e865904bf91cfcd72cfc0afd070486
SHA256: 0899ce93b9ffb76fb994c668d531d4ceff54690034bb6d62991c064eea583506
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname com.sun.xml.bind.jaxb-xjc Medium Vendor Manifest git-revision 60e0433 Low Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor jar package name com Highest Vendor jar package name xjc Highest Vendor pom parent-artifactid jaxb-parent Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name sun Highest Vendor Manifest multi-release true Low Vendor jar package name xml Highest Vendor pom groupid glassfish.jaxb Highest Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom name Old JAXB XJC High Vendor pom parent-artifactid jaxb-bundles Low Vendor file name jaxb-xjc High Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom groupid sun.xml.bind Highest Vendor pom groupid com.sun.xml.bind Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor pom artifactid jaxb-xjc Low Vendor pom name JAXB XJC High Product Manifest bundle-symbolicname com.sun.xml.bind.jaxb-xjc Medium Product Manifest git-revision 60e0433 Low Product Manifest specification-title Jakarta XML Binding Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name Old JAXB XJC Medium Product pom parent-artifactid jaxb-parent Medium Product jar package name xjc Highest Product jar package name com Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name sun Highest Product jar package name xml Highest Product Manifest multi-release true Low Product pom parent-artifactid jaxb-bundles Medium Product pom groupid glassfish.jaxb Highest Product pom artifactid jaxb-xjc Highest Product Manifest Implementation-Title Jakarta XML Binding Implementation High Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom name Old JAXB XJC High Product file name jaxb-xjc High Product pom groupid sun.xml.bind Highest Product Manifest bundle-activationpolicy lazy Low Product pom name JAXB XJC High Version pom version 2.3.3 Highest Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version file version 2.3.3 High Version Manifest major-version 2.3.3 Medium Version Manifest build-id 2.3.3 Medium
jaxb-xjc-2.3.3.jar (shaded: com.sun.istack:istack-commons-tools:3.0.11)File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.3.3\jaxb-xjc-2.3.3.jar\META-INF/maven/com.sun.istack/istack-commons-tools/pom.xmlMD5: 82d61f24853d299d47a8690ba7215d01SHA1: 2d9f921e5dc5571cda3eb5428a3d73d939b892ffSHA256: 5a34f22450890d3b227de2ec132c3edc32ddc1a6a70a7f98208539a108ab4292Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid istack-commons Low Vendor pom groupid sun.istack Highest Vendor pom artifactid istack-commons-tools Low Vendor pom name istack common utility code tools High Vendor pom parent-groupid com.sun.istack Medium Product pom parent-artifactid istack-commons Medium Product pom artifactid istack-commons-tools Highest Product pom groupid sun.istack Highest Product pom name istack common utility code tools High Product pom parent-groupid com.sun.istack Medium Version pom version 3.0.11 Highest
jaxb-xjc-2.3.3.jar (shaded: com.sun.xml.bind.external:relaxng-datatype:2.3.3)Description:
RelaxNG Datatype library. File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.3.3\jaxb-xjc-2.3.3.jar\META-INF/maven/com.sun.xml.bind.external/relaxng-datatype/pom.xmlMD5: ee65b10fa12fa1bae014a5a9a7009accSHA1: 37684369b4c4f6b32807e9661ddbcdba4f1a7097SHA256: 746048f98d93b5fe81953c1b504495d29a4477f43c8a1a4f832ab210cb06a0ebReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.bind.external Highest Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom parent-artifactid jaxb-external-parent Low Vendor pom name RelaxNG Datatype High Vendor pom artifactid relaxng-datatype Low Product pom groupid sun.xml.bind.external Highest Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom parent-artifactid jaxb-external-parent Medium Product pom artifactid relaxng-datatype Highest Product pom name RelaxNG Datatype High Version pom version 2.3.3 Highest
jaxb-xjc-2.3.3.jar (shaded: com.sun.xml.bind.external:rngom:2.3.3)Description:
RNGOM is a RelaxNG Object model library (XSOM for RelaxNG).
File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.3.3\jaxb-xjc-2.3.3.jar\META-INF/maven/com.sun.xml.bind.external/rngom/pom.xmlMD5: 92fc9b07f2a1731646b1acf5d8cccc26SHA1: 617d007504ea4836cdf013569bbfbf92de1afd1cSHA256: f94eee45f1e161b51555d61286c25c5237f8299819a87e1c3ed3bebd137169b2Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.bind.external Highest Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom name RNGOM High Vendor pom parent-artifactid jaxb-external-parent Low Vendor pom artifactid rngom Low Product pom groupid sun.xml.bind.external Highest Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom name RNGOM High Product pom parent-artifactid jaxb-external-parent Medium Product pom artifactid rngom Highest Version pom version 2.3.3 Highest
jaxb-xjc-2.3.3.jar (shaded: com.sun.xml.dtd-parser:dtd-parser:1.4.3)Description:
SAX-like API for parsing XML DTDs. License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.3.3\jaxb-xjc-2.3.3.jar\META-INF/maven/com.sun.xml.dtd-parser/dtd-parser/pom.xml
MD5: d04037e7ae005bb94f6005c40a3e9b83
SHA1: 53d3a8c7ef38e7b23b656a65a097791c69fefce3
SHA256: 45eac052dea44e440f6e249ac7b82e751bf3ebd11b5093e08e176ba9649a4424
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid project Low Vendor pom groupid sun.xml.dtd-parser Highest Vendor pom artifactid dtd-parser Low Vendor pom name DTD Parser High Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom url eclipse-ee4j/jaxb-dtd-parser Highest Product pom artifactid dtd-parser Highest Product pom parent-artifactid project Medium Product pom url eclipse-ee4j/jaxb-dtd-parser High Product pom groupid sun.xml.dtd-parser Highest Product pom name DTD Parser High Product pom parent-groupid org.eclipse.ee4j Medium Version pom parent-version 1.4.3 Low Version pom version 1.4.3 Highest
jaxb-xjc-2.3.3.jar (shaded: org.glassfish.jaxb:codemodel:2.3.3)Description:
The core functionality of the CodeModel java source code generation library File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.3.3\jaxb-xjc-2.3.3.jar\META-INF/maven/org.glassfish.jaxb/codemodel/pom.xmlMD5: 9ea418c76f26917267963574a10a020fSHA1: 188adecd75e26e0d31f9cb0d8e31fbb4b38dc18dSHA256: df4ad05530a5a2939d508229e70c8820ffd0b9ed3462618ca17837eb0feb12e5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid com.sun.xml.bind.mvn Medium Vendor pom artifactid codemodel Low Vendor pom parent-artifactid jaxb-codemodel-parent Low Vendor pom name Codemodel Core High Vendor pom groupid glassfish.jaxb Highest Product pom parent-groupid com.sun.xml.bind.mvn Medium Product pom artifactid codemodel Highest Product pom parent-artifactid jaxb-codemodel-parent Medium Product pom name Codemodel Core High Product pom groupid glassfish.jaxb Highest Version pom version 2.3.3 Highest
jaxb-xjc-2.3.3.jar (shaded: org.glassfish.jaxb:xsom:2.3.3)Description:
XML Schema Object Model (XSOM) is a Java library that allows applications to easily parse XML Schema
documents and inspect information in them. It is expected to be useful for applications that need to take XML
Schema as an input.
File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\bind\jaxb-xjc\2.3.3\jaxb-xjc-2.3.3.jar\META-INF/maven/org.glassfish.jaxb/xsom/pom.xmlMD5: 45d51d84b8d93f7dd635ec85c02d1873SHA1: 2c0db8b37903787925acceaabf6fd5734f964ec9SHA256: ea830ca948f46dcc59ac7bd60dc3a571246d2e1694ad04d2718886b2fdd1dea1Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid project Low Vendor pom name XSOM High Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom artifactid xsom Low Vendor pom groupid glassfish.jaxb Highest Product pom parent-artifactid project Medium Product pom name XSOM High Product pom artifactid xsom Highest Product pom parent-groupid org.eclipse.ee4j Medium Product pom groupid glassfish.jaxb Highest Version pom version 2.3.3 Highest Version pom parent-version 2.3.3 Low
jaxen-1.1-beta-8.jarDescription:
Jaxen is a universal Java XPath engine. File Path: C:\Users\Jeremy\.m2\repository\jaxen\jaxen\1.1-beta-8\jaxen-1.1-beta-8.jarMD5: f02f59d819544e8e6299b7010e98cc40SHA1: b0bbd0cc28b4ec88b58d304896f7be7598e1c909SHA256: b07b476859e37066ef04fcd98ef874bcbf5896c048ec99787e77aa15cc07e073Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name jaxen High Vendor pom url http://jaxen.codehaus.org/ Highest Vendor pom artifactid jaxen Low Vendor pom groupid jaxen Highest Vendor Manifest specification-vendor Codehaus Low Vendor pom organization name Codehaus High Vendor jar package name jaxen Highest Vendor file name jaxen High Vendor Manifest Implementation-Vendor Codehaus High Vendor jar package name xpath Highest Vendor Manifest extension-name jaxen Medium Vendor pom organization url http://www.codehaus.org Medium Product pom organization name Codehaus Low Product pom organization url http://www.codehaus.org Low Product pom name jaxen High Product pom url http://jaxen.codehaus.org/ Medium Product Manifest Implementation-Title org.jaxen High Product pom groupid jaxen Highest Product Manifest specification-title Universal Java XPath Engine Medium Product jar package name jaxen Highest Product file name jaxen High Product jar package name xpath Highest Product Manifest extension-name jaxen Medium Product pom artifactid jaxen Highest Version pom version 1.1-beta-8 Highest Version Manifest Implementation-Version 1.1-beta-8 High
jaxws-maven-plugin-2.3.3.jarDescription:
Maven plugin for JAX-WS RI License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-maven-plugin\2.3.3\jaxws-maven-plugin-2.3.3.jar
MD5: ec544a8cfe5d430d475e7b6f9e235f68
SHA1: a25478aa08c3a43b867bdd6c5e8d3b8637c4e526
SHA256: 58d21096fc0932162e6527697a130dcfbe065ed45e42237859af488e9e35e57c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor hint analyzer vendor web services Medium Vendor pom groupid com.sun.xml.ws Highest Vendor pom artifactid jaxws-maven-plugin Low Vendor jar package name jaxws Highest Vendor Manifest build-jdk-spec 11 Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor file name jaxws-maven-plugin High Vendor pom name Maven JAXWS 2.x Plugin High Product pom groupid sun.xml.ws Highest Product pom parent-artifactid project Medium Product jar package name jaxws Highest Product hint analyzer product web services Medium Product pom artifactid jaxws-maven-plugin Highest Product Manifest build-jdk-spec 11 Low Product pom parent-groupid org.eclipse.ee4j Medium Product file name jaxws-maven-plugin High Product pom name Maven JAXWS 2.x Plugin High Version pom version 2.3.3 Highest Version pom parent-version 2.3.3 Low Version file version 2.3.3 High
jaxws-rt-2.3.3.jarDescription:
JAX-WS Runtime with module descriptor License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-rt\2.3.3\jaxws-rt-2.3.3.jar
MD5: 697ef8976ff9a63cd1755f05ff866a3e
SHA1: 7a682d487b97cf22213fe9bc8d6f36044f5629e8
SHA256: 63d3c92664dfdc10b0fb0e59f85e230afac7c7814d9ff223cebb8c50012bf1aa
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name org Highest Vendor Manifest bundle-symbolicname com.sun.xml.ws.jaxws-rt Medium Vendor pom artifactid jaxws-rt Low Vendor Manifest Implementation-Vendor-Id org.eclipse Medium Vendor jar package name ws Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor jar package name com Highest Vendor Manifest extension-name com.sun.xml.ws Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name sun Highest Vendor pom name JAX-WS RI Runtime (jaxws-rt) High Vendor file name jaxws-rt High Vendor jar package name xml Highest Vendor Manifest multi-release true Low Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor jar package name runtime Highest Vendor Manifest git-revision b4c5bb6 Low Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor hint analyzer vendor web services Medium Vendor pom groupid com.sun.xml.ws Highest Vendor pom parent-groupid com.sun.xml.ws Medium Vendor jar (hint) package name oracle Highest Product jar package name org Highest Product pom parent-artifactid project Medium Product Manifest bundle-symbolicname com.sun.xml.ws.jaxws-rt Medium Product jar package name ws Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest specification-title Jakarta XML Web Services Medium Product pom artifactid jaxws-rt Highest Product jar package name com Highest Product hint analyzer product web services Medium Product Manifest extension-name com.sun.xml.ws Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name sun Highest Product pom name JAX-WS RI Runtime (jaxws-rt) High Product file name jaxws-rt High Product jar package name xml Highest Product Manifest multi-release true Low Product pom groupid sun.xml.ws Highest Product jar package name runtime Highest Product Manifest git-revision b4c5bb6 Low Product Manifest Implementation-Title Jakarta XML Web Services Implementation High Product Manifest Bundle-Name JAX-WS RI Runtime (jaxws-rt) Medium Product pom parent-groupid com.sun.xml.ws Medium Version pom version 2.3.3 Highest Version Manifest Bundle-Version 2.3.3 High Version Manifest Implementation-Version 2.3.3 High Version file version 2.3.3 High Version Manifest major-version 2.3.3 Medium Version Manifest build-id 2.3.3 Medium
Related Dependencies jaxws-tools-2.3.3.jarFile Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-tools\2.3.3\jaxws-tools-2.3.3.jar MD5: 2857ca54f3e5766268b9b05eb466c91a SHA1: dacff515f8dacb7767857e4126b0bedece8b7d9c SHA256: 6aa1506f7f5083ee84dafc6784e7367b038e6ea5f7c0e819c03022a90277509d pkg:maven/com.sun.xml.ws/jaxws-tools@2.3.3 jaxws-rt-2.3.3.jar (shaded: com.sun.xml.ws:httpspi-servlet:2.3.3)Description:
HTTP SPI for JAX-WS RI File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-rt\2.3.3\jaxws-rt-2.3.3.jar\META-INF/maven/com.sun.xml.ws/httpspi-servlet/pom.xmlMD5: 28b8768f1be6e4d823200d0c66c16f5aSHA1: 2c35feb6033138e5a4e3a88f12f770a7c609004fSHA256: 41b1d29b0b6a26279331c73884c55f0d542c5d6d242342c67b8ccadd14a68f04Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor hint analyzer vendor web services Medium Vendor pom name JAX-WS RI HTTP SPI (httpspi-servlet) High Vendor pom parent-groupid com.sun.xml.ws Medium Vendor pom artifactid httpspi-servlet Low Product pom groupid sun.xml.ws Highest Product pom parent-artifactid project Medium Product pom name JAX-WS RI HTTP SPI (httpspi-servlet) High Product pom parent-groupid com.sun.xml.ws Medium Product hint analyzer product web services Medium Product pom artifactid httpspi-servlet Highest Version pom version 2.3.3 Highest
jaxws-rt-2.3.3.jar (shaded: com.sun.xml.ws:rt-fi:2.3.3)Description:
Fast Infoset Support for JAX-WS RI File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-rt\2.3.3\jaxws-rt-2.3.3.jar\META-INF/maven/com.sun.xml.ws/rt-fi/pom.xmlMD5: 5f47f77856c94ec44e1c0dd6c9dce1f6SHA1: bd0c78c19cf4b7c892c81139746312d3f294abb9SHA256: 424e63563dc8b8fde7e5bd5dcfaf3f9a3c23b92ca7ff2f921471b9eb7f41f686Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor hint analyzer vendor web services Medium Vendor pom parent-groupid com.sun.xml.ws Medium Vendor pom name JAX-WS RI Fast Infoset Support (rt-fi) High Vendor pom artifactid rt-fi Low Product pom groupid sun.xml.ws Highest Product pom parent-artifactid project Medium Product pom parent-groupid com.sun.xml.ws Medium Product pom artifactid rt-fi Highest Product pom name JAX-WS RI Fast Infoset Support (rt-fi) High Product hint analyzer product web services Medium Version pom version 2.3.3 Highest
jaxws-rt-2.3.3.jar (shaded: com.sun.xml.ws:rt:2.3.3)Description:
JAX-WS Reference Implementation Runtime File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-rt\2.3.3\jaxws-rt-2.3.3.jar\META-INF/maven/com.sun.xml.ws/rt/pom.xmlMD5: 3759b5503bf10efbb064026924cbbd29SHA1: 4bb9132e1cf35b68e9453b0e6d6b986b55b65b17SHA256: 21a6611755d91793e966df48262f75b57f610a162e998f84e278c9a3c632edbeReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor pom artifactid rt Low Vendor hint analyzer vendor web services Medium Vendor pom parent-groupid com.sun.xml.ws Medium Vendor pom name JAX-WS RI Runtime (rt) High Product pom groupid sun.xml.ws Highest Product pom parent-artifactid project Medium Product pom parent-groupid com.sun.xml.ws Medium Product pom artifactid rt Highest Product hint analyzer product web services Medium Product pom name JAX-WS RI Runtime (rt) High Version pom version 2.3.3 Highest
jaxws-rt-2.3.3.jar (shaded: com.sun.xml.ws:servlet:2.3.3)Description:
Servlet Support for JAX-WS RI File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-rt\2.3.3\jaxws-rt-2.3.3.jar\META-INF/maven/com.sun.xml.ws/servlet/pom.xmlMD5: 5522eb5553e16dd7ee8695646cc64571SHA1: f59e7994811ce0830058bb75e1b3313a9236341eSHA256: 84fcfbf9e81a8a675d233b972aebff2f91e804ae1d4e7cc1ebd95a4ab205755eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor hint analyzer vendor web services Medium Vendor pom parent-groupid com.sun.xml.ws Medium Vendor pom artifactid servlet Low Vendor pom name JAX-WS RI Servlet Support (servlet) High Product pom groupid sun.xml.ws Highest Product pom artifactid servlet Highest Product pom parent-artifactid project Medium Product pom parent-groupid com.sun.xml.ws Medium Product hint analyzer product web services Medium Product pom name JAX-WS RI Servlet Support (servlet) High Version pom version 2.3.3 Highest
jaxws-tools-2.3.3.jar (shaded: com.sun.xml.ws:wscompile:2.3.3)Description:
JAX-WS RI Tools File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\jaxws-tools\2.3.3\jaxws-tools-2.3.3.jar\META-INF/maven/com.sun.xml.ws/wscompile/pom.xmlMD5: 5c25754519b8b10722418a7aaaed3577SHA1: cf9d76b8d5b4385f6238aba78541cae8052fbcbeSHA256: c0d9a362a0dbaf4975e824478088447f49e74d482c3566d30707d5fb6453b0b2Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor hint analyzer vendor web services Medium Vendor pom parent-groupid com.sun.xml.ws Medium Vendor pom artifactid wscompile Low Vendor pom name JAX-WS RI Tools (wscompile) High Product pom groupid sun.xml.ws Highest Product pom parent-artifactid project Medium Product pom artifactid wscompile Highest Product pom parent-groupid com.sun.xml.ws Medium Product pom name JAX-WS RI Tools (wscompile) High Product hint analyzer product web services Medium Version pom version 2.3.3 Highest
jcip-annotations-1.0.jarFile Path: C:\Users\Jeremy\.m2\repository\net\jcip\jcip-annotations\1.0\jcip-annotations-1.0.jarMD5: 9d5272954896c5a5d234f66b7372b17aSHA1: afba4942caaeaf46aab0b976afd57cc7c181467eSHA256: be5805392060c71474bf6c9a67a099471274d30b83eef84bfc4e0889a4f1dcc0Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name net Highest Vendor jar package name jcip Low Vendor jar package name jcip Highest Vendor pom url http://jcip.net/ Highest Vendor jar package name net Low Vendor file name jcip-annotations High Vendor pom name "Java Concurrency in Practice" book annotations High Vendor jar package name annotations Highest Vendor pom groupid net.jcip Highest Vendor pom artifactid jcip-annotations Low Vendor jar package name annotations Low Product jar package name net Highest Product jar package name jcip Low Product jar package name jcip Highest Product pom url http://jcip.net/ Medium Product file name jcip-annotations High Product pom name "Java Concurrency in Practice" book annotations High Product jar package name annotations Highest Product pom artifactid jcip-annotations Highest Product pom groupid net.jcip Highest Product jar package name annotations Low Version file version 1.0 High Version pom version 1.0 Highest
jcl-over-slf4j-1.7.21.jarDescription:
JCL 1.1.1 implemented over SLF4J File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\jcl-over-slf4j\1.7.21\jcl-over-slf4j-1.7.21.jarMD5: 49956e8cf1ce48b1d8933c2d9b975d61SHA1: 331b564a3a42f002a0004b039c1c430da89062cdSHA256: 686b9dab357b7b665b969bbbf3dcdc67edd88ee9500699e893b5e70927be5e3fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.slf4j Highest Vendor pom parent-groupid org.slf4j Medium Vendor file name jcl-over-slf4j High Vendor Manifest bundle-symbolicname jcl.over.slf4j Medium Vendor pom name JCL 1.1.1 implemented over SLF4J High Vendor pom groupid slf4j Highest Vendor pom artifactid jcl-over-slf4j Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor pom url http://www.slf4j.org Highest Vendor pom parent-artifactid slf4j-parent Low Product pom artifactid jcl-over-slf4j Highest Product pom parent-groupid org.slf4j Medium Product Manifest Implementation-Title jcl-over-slf4j High Product file name jcl-over-slf4j High Product pom parent-artifactid slf4j-parent Medium Product Manifest bundle-symbolicname jcl.over.slf4j Medium Product pom name JCL 1.1.1 implemented over SLF4J High Product Manifest Bundle-Name jcl-over-slf4j Medium Product pom groupid slf4j Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom url http://www.slf4j.org Medium Version Manifest Bundle-Version 1.7.21 High Version Manifest Implementation-Version 1.7.21 High Version file version 1.7.21 High Version pom version 1.7.21 Highest
jcommander-1.48.jarDescription:
A Java framework to parse command line options with annotations. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\beust\jcommander\1.48\jcommander-1.48.jar
MD5: 7a84fb4b01f46c904bd549e67e6c48a1
SHA1: bfcb96281ea3b59d626704f74bc6d625ff51cbce
SHA256: a7313fcfde070930e40ec79edf3c5948cf34e4f0d25cb3a09f9963d8bdd84113
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid com.beust Highest Vendor jar package name jcommander Highest Vendor pom groupid beust Highest Vendor pom name JCommander High Vendor pom url http://beust.com/jcommander Highest Vendor Manifest bundle-symbolicname com.beust.jcommander Medium Vendor pom artifactid jcommander Low Vendor file name jcommander High Vendor jar package name beust Highest Product Manifest Bundle-Name JCommander Medium Product jar package name jcommander Highest Product pom artifactid jcommander Highest Product pom groupid beust Highest Product pom name JCommander High Product pom url http://beust.com/jcommander Medium Product Manifest bundle-symbolicname com.beust.jcommander Medium Product file name jcommander High Product jar package name beust Highest Version pom version 1.48 Highest Version file version 1.48 High
jdepend-2.9.1.jarFile Path: C:\Users\Jeremy\.m2\repository\jdepend\jdepend\2.9.1\jdepend-2.9.1.jarMD5: 568d2b54187444b81eab642abf49c263SHA1: 3d3089f585c2740a707c2cb99f4bb149a90d63f0SHA256: b8105789bd4497836bcec263d5a12d6326d4eb7b4fe38535d179e4a44de83370Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name jdepend Low Vendor pom artifactid jdepend Low Vendor file name jdepend High Vendor pom groupid jdepend Highest Vendor jar package name jdepend Highest Product file name jdepend High Product pom groupid jdepend Highest Product jar package name jdepend Highest Product pom artifactid jdepend Highest Version pom version 2.9.1 Highest Version file version 2.9.1 High
jdepend-maven-plugin-2.0.jarDescription:
Maven plugin that generates JDepend reports for your projects. License:
Apache License 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\jdepend-maven-plugin\2.0\jdepend-maven-plugin-2.0.jar
MD5: 3295689216862dc4c3e41e68ed6f57de
SHA1: c049bfaa27c610b19fbfc7dc42cce53c6a88a1b0
SHA256: 3173cc81b62fef6ec962c6e753024c701598597d4a6a2e1c4991669d9ce8df56
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mojo Low Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor jar package name jdepend Highest Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom artifactid jdepend-maven-plugin Low Vendor pom groupid org.codehaus.mojo Highest Vendor jar package name jdepend Low Vendor pom groupid codehaus.mojo Highest Vendor pom parent-artifactid mojo-parent Low Vendor file name jdepend-maven-plugin High Vendor jar package name codehaus Low Vendor pom name JDepend Maven Plugin High Product pom artifactid jdepend-maven-plugin Highest Product jar package name jdepend Low Product pom groupid codehaus.mojo Highest Product jar package name mojo Low Product file name jdepend-maven-plugin High Product pom parent-artifactid mojo-parent Medium Product jar package name mojo Highest Product jar package name codehaus Highest Product jar package name jdepend Highest Product pom name JDepend Maven Plugin High Product pom parent-groupid org.codehaus.mojo Medium Version pom version 2.0 Highest Version pom parent-version 2.0 Low Version file version 2.0 High
jdom-1.0.jarFile Path: C:\Users\Jeremy\.m2\repository\jdom\jdom\1.0\jdom-1.0.jarMD5: 0b8f97de82fc9529b1028a77125ce4f8SHA1: a2ac1cd690ab4c80defe7f9bce14d35934c35cecSHA256: 3b23bc3979aec14a952a12aafc483010dc57579775f2ffcacef5256a90eeda02Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor manifest: org/jdom/transform/ Implementation-Vendor jdom.org Medium Vendor pom artifactid jdom Low Vendor manifest: org/jdom/adapters/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom/filter/ Implementation-Vendor jdom.org Medium Vendor file name jdom High Vendor jar package name jdom Highest Vendor manifest: org/jdom/xpath/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom/input/ Implementation-Vendor jdom.org Medium Vendor pom groupid jdom Highest Vendor manifest: org/jdom/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom/output/ Implementation-Vendor jdom.org Medium Product manifest: org/jdom/xpath/ Implementation-Title org.jdom.xpath Medium Product jar package name transform Highest Product pom groupid jdom Highest Product jar package name xpath Highest Product manifest: org/jdom/output/ Implementation-Title org.jdom.output Medium Product jar package name input Highest Product jar package name jdom Highest Product manifest: org/jdom/output/ Specification-Title JDOM Output Classes Medium Product manifest: org/jdom/adapters/ Implementation-Title org.jdom.adapters Medium Product jar package name filter Highest Product manifest: org/jdom/input/ Specification-Title JDOM Input Classes Medium Product manifest: org/jdom/ Implementation-Title org.jdom Medium Product manifest: org/jdom/filter/ Specification-Title JDOM Filter Classes Medium Product manifest: org/jdom/transform/ Specification-Title JDOM Transformation Classes Medium Product manifest: org/jdom/adapters/ Specification-Title JDOM Adapter Classes Medium Product jar package name output Highest Product manifest: org/jdom/filter/ Implementation-Title org.jdom.filter Medium Product manifest: org/jdom/ Specification-Title JDOM Classes Medium Product manifest: org/jdom/input/ Implementation-Title org.jdom.input Medium Product manifest: org/jdom/xpath/ Specification-Title JDOM XPath Classes Medium Product file name jdom High Product manifest: org/jdom/transform/ Implementation-Title org.jdom.transform Medium Product pom artifactid jdom Highest Product jar package name adapters Highest Version manifest: org/jdom/xpath/ Implementation-Version 1.0 Medium Version manifest: org/jdom/adapters/ Implementation-Version 1.0 Medium Version manifest: org/jdom/filter/ Implementation-Version 1.0 Medium Version manifest: org/jdom/ Implementation-Version 1.0 Medium Version manifest: org/jdom/output/ Implementation-Version 1.0 Medium Version manifest: org/jdom/transform/ Implementation-Version 1.0 Medium Version file version 1.0 High Version pom version 1.0 Highest Version manifest: org/jdom/input/ Implementation-Version 1.0 Medium
jdom-1.1.jarDescription:
JDOM is, quite simply, a Java representation of an XML document. JDOM provides a way to represent that document for
easy and efficient reading, manipulation, and writing. It has a straightforward API, is a lightweight and fast, and
is optimized for the Java programmer. It's an alternative to DOM and SAX, although it integrates well with both DOM
and SAX.
File Path: C:\Users\Jeremy\.m2\repository\org\jdom\jdom\1.1\jdom-1.1.jarMD5: adf67fc5dcf48e1593640ad7e02f6ad4SHA1: 1d04c0f321ea337f3661cf7ede8f4c6f653a8fddSHA256: 3c167654499436ee9c19674b519d04e7364085533f6facada1bf90b16ad34897Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor manifest: org/jdom/transform/ Implementation-Vendor jdom.org Medium Vendor pom url http://www.jdom.org/ Highest Vendor pom groupid org.jdom Highest Vendor manifest: org/jdom/adapters/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom/filter/ Implementation-Vendor jdom.org Medium Vendor pom name JDOM High Vendor pom groupid jdom Highest Vendor pom artifactid jdom Low Vendor file name jdom High Vendor jar package name jdom Highest Vendor manifest: org/jdom/xpath/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom/input/ Implementation-Vendor jdom.org Medium Vendor jar package name document Highest Vendor manifest: org/jdom/ Implementation-Vendor jdom.org Medium Vendor manifest: org/jdom/output/ Implementation-Vendor jdom.org Medium Product pom name JDOM High Product manifest: org/jdom/xpath/ Implementation-Title org.jdom.xpath Medium Product jar package name transform Highest Product pom groupid jdom Highest Product jar package name xpath Highest Product manifest: org/jdom/output/ Implementation-Title org.jdom.output Medium Product jar package name input Highest Product jar package name jdom Highest Product manifest: org/jdom/output/ Specification-Title JDOM Output Classes Medium Product pom url http://www.jdom.org/ Medium Product manifest: org/jdom/adapters/ Implementation-Title org.jdom.adapters Medium Product jar package name filter Highest Product manifest: org/jdom/input/ Specification-Title JDOM Input Classes Medium Product manifest: org/jdom/ Implementation-Title org.jdom Medium Product manifest: org/jdom/filter/ Specification-Title JDOM Filter Classes Medium Product manifest: org/jdom/transform/ Specification-Title JDOM Transformation Classes Medium Product manifest: org/jdom/adapters/ Specification-Title JDOM Adapter Classes Medium Product jar package name output Highest Product manifest: org/jdom/filter/ Implementation-Title org.jdom.filter Medium Product manifest: org/jdom/ Specification-Title JDOM Classes Medium Product manifest: org/jdom/input/ Implementation-Title org.jdom.input Medium Product manifest: org/jdom/xpath/ Specification-Title JDOM XPath Classes Medium Product file name jdom High Product manifest: org/jdom/transform/ Implementation-Title org.jdom.transform Medium Product pom artifactid jdom Highest Product jar package name document Highest Product jar package name adapters Highest Version manifest: org/jdom/xpath/ Implementation-Version 1.1 Medium Version manifest: org/jdom/input/ Implementation-Version 1.1 Medium Version manifest: org/jdom/filter/ Implementation-Version 1.1 Medium Version manifest: org/jdom/ Implementation-Version 1.1 Medium Version manifest: org/jdom/output/ Implementation-Version 1.1 Medium Version manifest: org/jdom/transform/ Implementation-Version 1.1 Medium Version manifest: org/jdom/adapters/ Implementation-Version 1.1 Medium Version file version 1.1 High Version pom version 1.1 Highest
jetty-io-9.2.29.v20191105.jarDescription:
Administrative parent pom for Jetty modules License:
http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-io\9.2.29.v20191105\jetty-io-9.2.29.v20191105.jar
MD5: 92f536f40161b0571d749a081573a915
SHA1: 97b1b95cc517f3740c9788d261d0d015cdbcf416
SHA256: 47f33a9223fef8e2456b4cc09e9e6596692af515a35207b248eccd4956940650
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor Eclipse.org - Jetty High Vendor pom url http://www.eclipse.org/jetty Highest Vendor jar package name io Highest Vendor jar package name eclipse Highest Vendor pom name Jetty :: IO Utility High Vendor Manifest url http://www.eclipse.org/jetty Low Vendor pom groupid org.eclipse.jetty Highest Vendor pom parent-groupid org.eclipse.jetty Medium Vendor pom artifactid jetty-io Low Vendor pom parent-artifactid jetty-project Low Vendor Manifest bundle-symbolicname org.eclipse.jetty.io Medium Vendor pom groupid eclipse.jetty Highest Vendor Manifest bundle-copyright Copyright (c) 2008-2017 Mort Bay Consulting Pty. Ltd. Low Vendor file name jetty-io High Vendor Manifest bundle-docurl http://www.eclipse.org/jetty Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor jar package name jetty Highest Product pom parent-artifactid jetty-project Medium Product Manifest Bundle-Name Jetty :: IO Utility Medium Product jar package name io Highest Product jar package name eclipse Highest Product pom url http://www.eclipse.org/jetty Medium Product pom name Jetty :: IO Utility High Product Manifest url http://www.eclipse.org/jetty Low Product pom parent-groupid org.eclipse.jetty Medium Product Manifest bundle-symbolicname org.eclipse.jetty.io Medium Product pom artifactid jetty-io Highest Product pom groupid eclipse.jetty Highest Product Manifest bundle-copyright Copyright (c) 2008-2017 Mort Bay Consulting Pty. Ltd. Low Product file name jetty-io High Product Manifest bundle-docurl http://www.eclipse.org/jetty Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product jar package name jetty Highest Version file version 9.2.29.v20191105 High Version Manifest Implementation-Version 9.2.29.v20191105 High Version pom version 9.2.29.v20191105 Highest Version Manifest Bundle-Version 9.2.29.v20191105 High
jetty-server-9.2.29.v20191105.jarDescription:
The core jetty server artifact. License:
http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-server\9.2.29.v20191105\jetty-server-9.2.29.v20191105.jar
MD5: 2e9d8a0d68cca2e58ed4fc8f6e561168
SHA1: a304978c275adb387be1341eeb084f58776088bf
SHA256: 5e9f09e895ebff98f608da033b67eba7a9f638db64729c8583aa3b61fdaa4280
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name jetty-server High Vendor Manifest Implementation-Vendor Eclipse.org - Jetty High Vendor pom url http://www.eclipse.org/jetty Highest Vendor Manifest bundle-symbolicname org.eclipse.jetty.server Medium Vendor pom name Jetty :: Server Core High Vendor jar package name server Highest Vendor jar package name eclipse Highest Vendor Manifest url http://www.eclipse.org/jetty Low Vendor pom artifactid jetty-server Low Vendor pom groupid org.eclipse.jetty Highest Vendor pom parent-groupid org.eclipse.jetty Medium Vendor pom parent-artifactid jetty-project Low Vendor pom groupid eclipse.jetty Highest Vendor Manifest bundle-copyright Copyright (c) 2008-2017 Mort Bay Consulting Pty. Ltd. Low Vendor Manifest bundle-docurl http://www.eclipse.org/jetty Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor jar package name jetty Highest Product file name jetty-server High Product pom parent-artifactid jetty-project Medium Product pom artifactid jetty-server Highest Product Manifest bundle-symbolicname org.eclipse.jetty.server Medium Product pom name Jetty :: Server Core High Product jar package name server Highest Product jar package name eclipse Highest Product pom url http://www.eclipse.org/jetty Medium Product Manifest url http://www.eclipse.org/jetty Low Product Manifest Bundle-Name Jetty :: Server Core Medium Product pom parent-groupid org.eclipse.jetty Medium Product pom groupid eclipse.jetty Highest Product Manifest bundle-copyright Copyright (c) 2008-2017 Mort Bay Consulting Pty. Ltd. Low Product Manifest bundle-docurl http://www.eclipse.org/jetty Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product jar package name jetty Highest Version file version 9.2.29.v20191105 High Version Manifest Implementation-Version 9.2.29.v20191105 High Version pom version 9.2.29.v20191105 Highest Version Manifest Bundle-Version 9.2.29.v20191105 High
Related Dependencies jetty-http-9.2.29.v20191105.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-http\9.2.29.v20191105\jetty-http-9.2.29.v20191105.jar MD5: 314ed6926144cb5e9a707ee384db4add SHA1: 4e0faf371ac5defadf4545febfb6742b5b11c8e3 SHA256: 7cc518e9c05579f16c0b8038fc98dc3e85e682f0e5535c30cf5dbe06c160ecff pkg:maven/org.eclipse.jetty/jetty-http@9.2.29.v20191105 Published Vulnerabilities CVE-2017-9735 (OSSINDEX) suppress
Jetty through 9.4.x is prone to a timing channel in util/security/Password.java, which makes it easier for remote attackers to obtain access by observing elapsed times before rejection of incorrect passwords. CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.eclipse.jetty:jetty-server:9.2.29.v20191105:*:*:*:*:*:*:* CVE-2020-27216 suppress
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (4.6) Vector: /AV:L/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (7.8) Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
jetty-xml-9.2.29.v20191105.jarDescription:
The jetty xml utilities. License:
http://www.apache.org/licenses/LICENSE-2.0, http://www.eclipse.org/org/documents/epl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-xml\9.2.29.v20191105\jetty-xml-9.2.29.v20191105.jar
MD5: ec8779cf21efea5269fe8db73f5165ef
SHA1: 4b44dfc8deb5dfea1815a48f14a1ef807a92146e
SHA256: c59a6bf54c38effcb230d24789dfad94742b5015f8d357ac500e9f51b184b589
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor Eclipse.org - Jetty High Vendor pom url http://www.eclipse.org/jetty Highest Vendor Manifest bundle-symbolicname org.eclipse.jetty.xml Medium Vendor jar package name eclipse Highest Vendor Manifest url http://www.eclipse.org/jetty Low Vendor jar package name xml Highest Vendor pom artifactid jetty-xml Low Vendor pom groupid org.eclipse.jetty Highest Vendor pom parent-groupid org.eclipse.jetty Medium Vendor pom parent-artifactid jetty-project Low Vendor file name jetty-xml High Vendor pom groupid eclipse.jetty Highest Vendor Manifest bundle-copyright Copyright (c) 2008-2017 Mort Bay Consulting Pty. Ltd. Low Vendor Manifest bundle-docurl http://www.eclipse.org/jetty Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor pom name Jetty :: XML utilities High Vendor jar package name jetty Highest Product pom parent-artifactid jetty-project Medium Product Manifest bundle-symbolicname org.eclipse.jetty.xml Medium Product jar package name eclipse Highest Product pom url http://www.eclipse.org/jetty Medium Product Manifest Bundle-Name Jetty :: XML utilities Medium Product Manifest url http://www.eclipse.org/jetty Low Product jar package name xml Highest Product pom parent-groupid org.eclipse.jetty Medium Product file name jetty-xml High Product pom groupid eclipse.jetty Highest Product Manifest bundle-copyright Copyright (c) 2008-2017 Mort Bay Consulting Pty. Ltd. Low Product pom artifactid jetty-xml Highest Product Manifest bundle-docurl http://www.eclipse.org/jetty Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product pom name Jetty :: XML utilities High Product jar package name jetty Highest Version file version 9.2.29.v20191105 High Version Manifest Implementation-Version 9.2.29.v20191105 High Version pom version 9.2.29.v20191105 Highest Version Manifest Bundle-Version 9.2.29.v20191105 High
Related Dependencies jetty-webapp-9.2.29.v20191105.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-webapp\9.2.29.v20191105\jetty-webapp-9.2.29.v20191105.jar MD5: 423be8b5a4f08e056b6ce0b191756356 SHA1: 46242d9b593e5373c83e5f461d649818583f962e SHA256: d8715bd58d024465d2871e312492f599ace47019a7c1492c6ed7dddbcab116e2 pkg:maven/org.eclipse.jetty/jetty-webapp@9.2.29.v20191105 jetty-util-9.2.29.v20191105.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-util\9.2.29.v20191105\jetty-util-9.2.29.v20191105.jar MD5: 700960b3703e860b466efd4681aab99a SHA1: 28df3c6a11af16945f76cbb5bdeea5b613941042 SHA256: 7fd4c2d7315f6b003eeb212ab0ea11869c1ddb1af3f65f114a07d5a98436ade8 pkg:maven/org.eclipse.jetty/jetty-util@9.2.29.v20191105 jetty-servlet-9.2.29.v20191105.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-servlet\9.2.29.v20191105\jetty-servlet-9.2.29.v20191105.jar MD5: c2669efad3c1c473673b710c27fc2a9d SHA1: 77584e96add326ad65ea10934c89e82ceabde095 SHA256: 7ace5b4fad3618a0f32fd75780d8357b128f89a6f714aca123fb55834a8688fb pkg:maven/org.eclipse.jetty/jetty-servlet@9.2.29.v20191105 jetty-security-9.2.29.v20191105.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jetty\jetty-security\9.2.29.v20191105\jetty-security-9.2.29.v20191105.jar MD5: f064623c65f0e126089d83b00782a1e0 SHA1: a14ab54ad9b31934d0017dc337273cfcc9e2256f SHA256: 44ad14ae47cd5d14a2b6176815361d6666cfc657eeac2755ce776ada0fdd143c pkg:maven/org.eclipse.jetty/jetty-security@9.2.29.v20191105 Published Vulnerabilities CVE-2020-27216 suppress
In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix like systems, the system's temporary directory is shared between all users on that system. A collocated user can observe the process of creating a temporary sub directory in the shared temporary directory and race to complete the creation of the temporary subdirectory. If the attacker wins the race then they will have read and write permission to the subdirectory used to unpack web applications, including their WEB-INF/lib jar files and JSP files. If any code is ever executed out of this temporary directory, this can lead to a local privilege escalation vulnerability. NVD-CWE-Other
CVSSv2:
Base Score: MEDIUM (4.6) Vector: /AV:L/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (7.8) Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
jna-3.5.2.jarDescription:
Java Native Access License:
LGPL, version 2.1: http://creativecommons.org/licenses/LGPL/2.1/ File Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\3.5.2\jna-3.5.2.jar
MD5: 3d1cb033c2ceb7c8169a58391b388367
SHA1: f1bf9fe267e17c1a8f7d1aa2c985e7fe81a06da6
SHA256: 79b12cf8941fda2cb66a541e019fb548063e37df4aa4d7e2196a244c9474e54a
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-category jni Low Vendor Manifest specification-vendor JNA Development Team Low Vendor jar package name sun Highest Vendor Manifest bundle-symbolicname com.sun.jna Medium Vendor pom groupid net.java.dev.jna Highest Vendor file name jna High Vendor pom artifactid jna Low Vendor jar package name native Highest Vendor jar (hint) package name oracle Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor pom name Java Native Access High Vendor pom url twall/jna Highest Vendor jar package name jna Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Vendor Manifest Implementation-Vendor JNA Development Team High Vendor Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-amd64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-amd64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-i386/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-amd64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/openbsd-i386/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/freebsd-i386/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-amd64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/darwin/libjnidispatch.jnilib; osname=macosx;processor=x86;processor=x86-64;processor=ppc Low Product Manifest bundle-category jni Low Product Manifest Bundle-Name jna Medium Product jar package name sun Highest Product Manifest bundle-symbolicname com.sun.jna Medium Product pom groupid net.java.dev.jna Highest Product file name jna High Product Manifest specification-title Java Native Access (JNA) Medium Product pom url twall/jna High Product pom artifactid jna Highest Product Manifest Implementation-Title com.sun.jna High Product jar package name native Highest Product jar package name library Highest Product Manifest bundle-activationpolicy lazy Low Product pom name Java Native Access High Product jar package name jna Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Product Manifest bundle-nativecode com/sun/jna/win32-x86/jnidispatch.dll; processor=x86;osname=win32, com/sun/jna/win32-amd64/jnidispatch.dll; processor=x86-64;osname=win32, com/sun/jna/w32ce-arm/jnidispatch.dll; processor=arm;osname=wince, com/sun/jna/sunos-x86/libjnidispatch.so; processor=x86;osname=sunos, com/sun/jna/sunos-amd64/libjnidispatch.so; processor=x86-64;osname=sunos, com/sun/jna/sunos-sparc/libjnidispatch.so; processor=sparc;osname=sunos, com/sun/jna/sunos-sparcv9/libjnidispatch.so; processor=sparcv9;osname=sunos, com/sun/jna/aix-ppc/libjnidispatch.a; processor=ppc;osname=aix, com/sun/jna/aix-ppc64/libjnidispatch.a; processor=ppc64;osname=aix, com/sun/jna/linux-ppc/libjnidispatch.so; processor=ppc;osname=linux, com/sun/jna/linux-ppc64/libjnidispatch.so; processor=ppc64;osname=linux, com/sun/jna/linux-i386/libjnidispatch.so; processor=x86;osname=linux, com/sun/jna/linux-amd64/libjnidispatch.so; processor=x86-64;osname=linux, com/sun/jna/linux-arm/libjnidispatch.so; processor=arm;osname=linux, com/sun/jna/linux-ia64/libjnidispatch.so; processor=ia64;osname=linux, com/sun/jna/openbsd-i386/libjnidispatch.so; processor=x86;osname=openbsd, com/sun/jna/freebsd-i386/libjnidispatch.so; processor=x86;osname=freebsd, com/sun/jna/freebsd-amd64/libjnidispatch.so; processor=x86-64;osname=freebsd, com/sun/jna/darwin/libjnidispatch.jnilib; osname=macosx;processor=x86;processor=x86-64;processor=ppc Low Product jar package name win32 Highest Version pom version 3.5.2 Highest Version file version 3.5.2 High
jna-3.5.2.jar: jnidispatch.dllFile Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\3.5.2\jna-3.5.2.jar\com\sun\jna\w32ce-arm\jnidispatch.dllMD5: ab3a7d2933faadccca72d53107329208SHA1: a65e00a6baf2144ae511662924344e790f06b72bSHA256: 23362ed9e4a20e649344a91f6c325b7cd9f194c3f86a5c443bc0c336566ab580Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
jna-3.5.2.jar: jnidispatch.dllFile Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\3.5.2\jna-3.5.2.jar\com\sun\jna\win32-amd64\jnidispatch.dllMD5: 3cfe09aa1c4e999fedb2a995428e4de3SHA1: e501129a110431c3a7bc60576a19eef2ba984356SHA256: 3f7553803b33b999e313ed4a069ae9872c595038fe35a54c053a1b19d89dcfadReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
jna-3.5.2.jar: jnidispatch.dllFile Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\jna\3.5.2\jna-3.5.2.jar\com\sun\jna\win32-x86\jnidispatch.dllMD5: 067d8ddfbf8b8f0eae9fbc719fd45e8dSHA1: 216bbd1ba844d0ec64617f529e24c3002deb6c4aSHA256: dc63baca7b97fece2c2875373fbe8956750140a60831ae22825255f3116a078cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name jnidispatch High Product file name jnidispatch High
joda-time-2.10.8.jarDescription:
Date and time library to replace JDK date handling License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\joda-time\joda-time\2.10.8\joda-time-2.10.8.jar
MD5: 91ff4435bdfbba33a7b5eba6f8e5588a
SHA1: b0442d652c209a7ba7af0410ce219d997a447701
SHA256: da04572b431597f0a42e6a7f44973f2bdc975776c25ad3cdb2ba92d17c554a66
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname joda-time Medium Vendor Manifest bundle-docurl https://www.joda.org/joda-time/ Low Vendor Manifest automatic-module-name org.joda.time Medium Vendor Manifest specification-vendor Joda.org Low Vendor pom organization name Joda.org High Vendor Manifest implementation-url https://www.joda.org/joda-time/ Low Vendor pom groupid joda-time Highest Vendor pom name Joda-Time High Vendor pom organization url https://www.joda.org Medium Vendor file name joda-time High Vendor pom url https://www.joda.org/joda-time/ Highest Vendor Manifest Implementation-Vendor-Id org.joda Medium Vendor pom artifactid joda-time Low Vendor jar package name joda Highest Vendor Manifest extension-name joda-time Medium Vendor Manifest Implementation-Vendor Joda.org High Vendor jar package name time Highest Product Manifest bundle-symbolicname joda-time Medium Product Manifest bundle-docurl https://www.joda.org/joda-time/ Low Product Manifest Implementation-Title org.joda.time High Product Manifest automatic-module-name org.joda.time Medium Product pom organization url https://www.joda.org Low Product Manifest implementation-url https://www.joda.org/joda-time/ Low Product pom url https://www.joda.org/joda-time/ Medium Product pom groupid joda-time Highest Product pom name Joda-Time High Product pom artifactid joda-time Highest Product pom organization name Joda.org Low Product file name joda-time High Product jar package name joda Highest Product Manifest specification-title Joda-Time Medium Product Manifest extension-name joda-time Medium Product Manifest Bundle-Name Joda-Time Medium Product jar package name time Highest Version pom version 2.10.8 Highest Version Manifest Implementation-Version 2.10.8 High Version Manifest Bundle-Version 2.10.8 High Version file version 2.10.8 High
js-1.6R7.jarDescription:
Rhino: JavaScript for Java License:
Mozilla Public License version 1.1: http://www.mozilla.org/MPL/MPL-1.1.html File Path: C:\Users\Jeremy\.m2\repository\rhino\js\1.6R7\js-1.6R7.jar
MD5: 4995caee1cf36af248f15df2b8ef4341
SHA1: 77e5e566457426095c743be207cba53a2391dffa
SHA256: d40dc06eed6a5fecaa3614c59fc8a189a78c58008354cd41181a61af0169bc87
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name js High Vendor pom url http://www.mozilla.org/rhino/ Highest Vendor jar package name javascript Highest Vendor pom groupid rhino Highest Vendor jar package name javascript Low Vendor pom artifactid js Low Vendor pom name Rhino High Vendor jar package name mozilla Low Product file name js High Product jar package name javascript Highest Product pom groupid rhino Highest Product jar package name javascript Low Product pom url http://www.mozilla.org/rhino/ Medium Product pom artifactid js Highest Product pom name Rhino High Version pom version 1.6R7 Highest
jsch-0.1.53.jarDescription:
JSch is a pure Java implementation of SSH2 License:
Revised BSD: http://www.jcraft.com/jsch/LICENSE.txt File Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch\0.1.53\jsch-0.1.53.jar
MD5: c0100ab204ee4ce8e693c4fd6cf7f900
SHA1: 658b682d5c817b27ae795637dfec047c63d29935
SHA256: f00d5cb29d70a98ef6bf2000edc89b415ae6f59d25e33caf5578b20d0d400932
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name jcraft Low Vendor pom name JSch High Vendor pom organization url http://www.jcraft.com/ Medium Vendor pom groupid com.jcraft Highest Vendor jar package name jsch Low Vendor pom organization name JCraft,Inc. High Vendor file name jsch High Vendor pom url http://www.jcraft.com/jsch/ Highest Vendor pom artifactid jsch Low Vendor jar package name jcraft Highest Vendor pom groupid jcraft Highest Vendor jar package name jsch Highest Product pom artifactid jsch Highest Product pom name JSch High Product pom url http://www.jcraft.com/jsch/ Medium Product jar package name jcraft Highest Product pom groupid jcraft Highest Product jar package name jsch Low Product pom organization url http://www.jcraft.com/ Low Product file name jsch High Product jar package name jsch Highest Product pom organization name JCraft,Inc. Low Version file version 0.1.53 High Version pom version 0.1.53 Highest
Published Vulnerabilities CVE-2016-5725 suppress
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions:
jsch.agentproxy.core-0.0.7.jarDescription:
a proxy to ssh-agent and Pageant in Java License:
http://www.jcraft.com/jsch-agent-proxy/LICENSE.txt File Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.core\0.0.7\jsch.agentproxy.core-0.0.7.jar
MD5: 0d4248a640962d82159b4e9c4bb48c76
SHA1: 9bcf818dc9e5247b01b1b18671a12caac293ae40
SHA256: c5cb21fed78fd2c581e40276e428b6407e4801edb0baa1f7ef0c1025d06a3a7f
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name agentproxy Highest Vendor pom parent-artifactid jsch.agentproxy Low Vendor pom parent-groupid com.jcraft Medium Vendor pom groupid com.jcraft Highest Vendor file name jsch.agentproxy.core High Vendor Manifest bundle-docurl http://www.jcraft.com/ Low Vendor pom artifactid jsch.agentproxy.core Low Vendor Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.core Medium Vendor jar package name jcraft Highest Vendor pom groupid jcraft Highest Vendor pom name jsch-agent-proxy core library High Vendor jar package name jsch Highest Product jar package name agentproxy Highest Product pom parent-groupid com.jcraft Medium Product file name jsch.agentproxy.core High Product Manifest bundle-docurl http://www.jcraft.com/ Low Product pom parent-artifactid jsch.agentproxy Medium Product pom artifactid jsch.agentproxy.core Highest Product Manifest Bundle-Name jsch-agent-proxy core library Medium Product jar package name jcraft Highest Product Manifest bundle-symbolicname com.jcraft.jsch.agentproxy.core Medium Product pom groupid jcraft Highest Product pom name jsch-agent-proxy core library High Product jar package name jsch Highest Version file version 0.0.7 High Version Manifest Bundle-Version 0.0.7 High Version pom version 0.0.7 Highest
Related Dependencies jsch.agentproxy.connector-factory-0.0.7.jarFile Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.connector-factory\0.0.7\jsch.agentproxy.connector-factory-0.0.7.jar MD5: 50885bf953879373de768314dcf222a7 SHA1: 780e0312287dd4e4f3601d401a073a081e403f2d SHA256: b576930d6a822761123365358d90281351d88cec2dd845912873c1696184d6cb pkg:maven/com.jcraft/jsch.agentproxy.connector-factory@0.0.7 jsch.agentproxy.sshagent-0.0.7.jarFile Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.sshagent\0.0.7\jsch.agentproxy.sshagent-0.0.7.jar MD5: 5c4483e01a032a784be2f0b2ccb983ea SHA1: 5c09a3d2a0562de53cf616794f43f51a3c0a496c SHA256: fd03fdeb40312846a0827cce1b2f93773d0d1ccc134bdb953dfac2d2cd44b321 pkg:maven/com.jcraft/jsch.agentproxy.sshagent@0.0.7 jsch.agentproxy.usocket-nc-0.0.7.jarFile Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.usocket-nc\0.0.7\jsch.agentproxy.usocket-nc-0.0.7.jar MD5: b67c8e11e8792fd5a96c08a2e50bddb6 SHA1: aff6f0f3a68f9731580d7c48075fdf177532dfe6 SHA256: 231294f658fb855c0c8d070fc1c654d2b82772acc092e8d5ba53e9ae717a7096 pkg:maven/com.jcraft/jsch.agentproxy.usocket-nc@0.0.7 jsch.agentproxy.usocket-jna-0.0.7.jarFile Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.usocket-jna\0.0.7\jsch.agentproxy.usocket-jna-0.0.7.jar MD5: 154b2f744a11226fd8abd92baef84523 SHA1: 98cf51ca8d7882c203729ffa48e9b7be4c50b835 SHA256: 57b8169c4877a4820a57df9ec5e5306d195d633d90672d3cc05ea876ba6d4999 pkg:maven/com.jcraft/jsch.agentproxy.usocket-jna@0.0.7 jsch.agentproxy.svnkit-trilead-ssh2-0.0.7.jarFile Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.svnkit-trilead-ssh2\0.0.7\jsch.agentproxy.svnkit-trilead-ssh2-0.0.7.jar MD5: 3f5cb0506577bb2c3dd1488079cd789f SHA1: 95015f649026507428aa2f37baba69ba8a86dc67 SHA256: d0f54fa650ef7130046dd752c1cf46b2dd1f1009632cf82ad0a2dc6e7dde0f57 pkg:maven/com.jcraft/jsch.agentproxy.svnkit-trilead-ssh2@0.0.7 jsch.agentproxy.pageant-0.0.7.jarFile Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.pageant\0.0.7\jsch.agentproxy.pageant-0.0.7.jar MD5: 200f22f9b2845e11eaa5f6a8bad51feb SHA1: b40c0d9b10d79a0683ca93e3f70360b3d8045b62 SHA256: 609b7b9d00b29021397544652b649045209c41165790612b2b0df6f74c8dfb27 pkg:maven/com.jcraft/jsch.agentproxy.pageant@0.0.7 Published Vulnerabilities CVE-2016-5725 suppress
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions:
jsch.agentproxy.jsch-0.0.9.jarFile Path: C:\Users\Jeremy\.m2\repository\com\jcraft\jsch.agentproxy.jsch\0.0.9\jsch.agentproxy.jsch-0.0.9.jarMD5: ebe662626324228073d8e9e9b07df2caSHA1: 26f5c718216f1668f674816e580aa7c92f2660adSHA256: 08d78397a3da46ad70604d35f4efae34ed81894b4e2ae98ad7662a2c9fc0cbe1Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name agentproxy Highest Vendor jar package name jcraft Low Vendor pom parent-artifactid jsch.agentproxy Low Vendor pom parent-groupid com.jcraft Medium Vendor pom groupid com.jcraft Highest Vendor jar package name jsch Low Vendor jar package name agentproxy Low Vendor file name jsch.agentproxy.jsch High Vendor pom name a library to use jsch-agent-proxy with JSch High Vendor jar package name jcraft Highest Vendor pom groupid jcraft Highest Vendor pom artifactid jsch.agentproxy.jsch Low Vendor jar package name jsch Highest Product jar package name agentproxy Highest Product file name jsch.agentproxy.jsch High Product pom artifactid jsch.agentproxy.jsch Highest Product pom parent-artifactid jsch.agentproxy Medium Product pom name a library to use jsch-agent-proxy with JSch High Product jar package name jcraft Highest Product pom groupid jcraft Highest Product pom parent-groupid com.jcraft Medium Product jar package name jsch Low Product jar package name agentproxy Low Product jar package name jsch Highest Version file version 0.0.9 High Version pom version 0.0.9 Highest
Published Vulnerabilities CVE-2016-5725 suppress
Directory traversal vulnerability in JCraft JSch before 0.1.54 on Windows, when the mode is ChannelSftp.OVERWRITE, allows remote SFTP servers to write to arbitrary files via a ..\ (dot dot backslash) in a response to a recursive GET command. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions:
jsdt-core-2.8.0.jarDescription:
Repackaging of Eclipse JSDT bundled for Maven Central License:
Eclipse Public License: http://www.eclipse.org/legal/epl-v10.html File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar
MD5: 738b3282f8ab0069bb566430a3249ae6
SHA1: 259aa4a47658efcab21566a3deb8af1701e0c5cf
SHA256: 37f43ac0330f61574d0aa7861128fe09b81cb10df50c683a552b235606abee31
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name net Highest Vendor Manifest require-bundle org.eclipse.wst.jsdt.core;bundle-version="[1.0.0,10.0.0)" Low Vendor Manifest bundle-symbolicname jsdt-core Medium Vendor pom artifactid jsdt-core Low Vendor file name jsdt-core High Vendor jar package name bundle Highest Vendor jar package name eclipse Highest Vendor pom url revelc/jsdt-core/ Highest Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor pom groupid net.revelc.code.formatter Highest Vendor pom name Eclipse JSDT Core Bundle High Vendor jar package name jsdt Highest Vendor Manifest build-jdk-spec 11 Low Product jar package name net Highest Product Manifest require-bundle org.eclipse.wst.jsdt.core;bundle-version="[1.0.0,10.0.0)" Low Product Manifest bundle-symbolicname jsdt-core Medium Product jar package name wst Highest Product file name jsdt-core High Product jar package name bundle Highest Product jar package name eclipse Highest Product pom artifactid jsdt-core Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom groupid net.revelc.code.formatter Highest Product pom name Eclipse JSDT Core Bundle High Product jar package name version Highest Product jar package name jsdt Highest Product Manifest build-jdk-spec 11 Low Product pom url revelc/jsdt-core/ High Product Manifest Bundle-Name Eclipse JSDT core Medium Version Manifest Bundle-Version 2.8.0 High Version file version 2.8.0 High Version pom version 2.8.0 Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.emf:org.eclipse.emf.common:2.19.0-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.emf/org.eclipse.emf.common/pom.xmlMD5: f6487d9fcf7d2568f2d94a7402b7c406SHA1: b44f847b5bf2eef7003943d4fec9d2c3f41a13e1SHA256: ddf28e84e377c1a318a83244dc9671a02c9dfde924e97b60b24c154aa5279806Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid org.eclipse.emf.plugins Low Vendor pom parent-groupid org.eclipse.emf Medium Vendor pom artifactid eclipse.emf.common Low Vendor pom groupid eclipse.emf Highest Product pom artifactid eclipse.emf.common Highest Product pom parent-artifactid org.eclipse.emf.plugins Medium Product pom parent-groupid org.eclipse.emf Medium Product pom groupid eclipse.emf Highest Version pom version 2.19.0-SNAPSHOT Highest Version pom parent-version 2.19.0-SNAPSHOT Low
jsdt-core-2.8.0.jar (shaded: org.eclipse.emf:org.eclipse.emf.ecore:2.22.0-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.emf/org.eclipse.emf.ecore/pom.xmlMD5: 6a7a528642f553fd89d846666ac97ec4SHA1: d0a218d13d94dd84083e33389d77e439c5790f69SHA256: ea8884c8cbe1a4fbae24e650ab0afff99549f104a0e8cbb3f836ae63c5c5999cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid org.eclipse.emf.plugins Low Vendor pom artifactid eclipse.emf.ecore Low Vendor pom parent-groupid org.eclipse.emf Medium Vendor pom groupid eclipse.emf Highest Product pom artifactid eclipse.emf.ecore Highest Product pom parent-artifactid org.eclipse.emf.plugins Medium Product pom parent-groupid org.eclipse.emf Medium Product pom groupid eclipse.emf Highest Version pom version 2.22.0-SNAPSHOT Highest Version pom parent-version 2.22.0-SNAPSHOT Low
jsdt-core-2.8.0.jar (shaded: org.eclipse.orbit.bundles:com.google.gson:2.8.2-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.orbit.bundles/com.google.gson/pom.xmlMD5: 113b2aebad0170691a2a74b528de73a6SHA1: e9b043d537bf2ed3bdb6515b019c34883b799ccaSHA256: d8be9704c872a85dffef05a898af5c66ad96617e3965984a30e658d794dd9f98Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Gson: Google Json Library for Java High Vendor pom artifactid google.gson Low Vendor pom parent-artifactid google Low Vendor pom parent-groupid org.eclipse.orbit.bundles Medium Vendor pom groupid eclipse.orbit.bundles Highest Product pom artifactid google.gson Highest Product pom name Gson: Google Json Library for Java High Product pom parent-groupid org.eclipse.orbit.bundles Medium Product pom parent-artifactid google Medium Product pom groupid eclipse.orbit.bundles Highest Version pom parent-version 2.8.2-SNAPSHOT Low Version pom version 2.8.2-SNAPSHOT Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.orbit.bundles:com.google.guava:27.1.0-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.orbit.bundles/com.google.guava/pom.xmlMD5: d93038156b2a6c41f29e9343818bd1a7SHA1: 3101d37804e20493a965fb7e69fe424d07965a47SHA256: a4dde7b7cf05a8f011935ac9e72c82d3e05954c15a41f4737bf9813f728f3fc9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid google.guava Low Vendor pom name Guava: Google Core Libraries for Java High Vendor pom parent-artifactid google Low Vendor pom parent-groupid org.eclipse.orbit.bundles Medium Vendor pom groupid eclipse.orbit.bundles Highest Product pom name Guava: Google Core Libraries for Java High Product pom artifactid google.guava Highest Product pom parent-groupid org.eclipse.orbit.bundles Medium Product pom parent-artifactid google Medium Product pom groupid eclipse.orbit.bundles Highest Version pom parent-version 27.1.0-SNAPSHOT Low Version pom version 27.1.0-SNAPSHOT Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.orbit.bundles:com.google.javascript:0.0.20160315-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.orbit.bundles/com.google.javascript/pom.xmlMD5: 52db06a1d878c1842882687ba70d4267SHA1: 154c692c5f6b07e0cd6467489f1c53ae8e25f737SHA256: 36b9d8f56b55a6a501d0c686411fc80dc97ab247fbf1006c6b49deceb69b2022Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid google.javascript Low Vendor pom parent-artifactid google Low Vendor pom parent-groupid org.eclipse.orbit.bundles Medium Vendor pom groupid eclipse.orbit.bundles Highest Vendor pom name Closure Compiler High Product pom artifactid google.javascript Highest Product pom parent-groupid org.eclipse.orbit.bundles Medium Product pom parent-artifactid google Medium Product pom groupid eclipse.orbit.bundles Highest Product pom name Closure Compiler High Version pom version 0.0.20160315-SNAPSHOT Highest Version pom parent-version 0.0.20160315-SNAPSHOT Low
jsdt-core-2.8.0.jar (shaded: org.eclipse.orbit.bundles:com.ibm.icu:64.2.0-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.orbit.bundles/com.ibm.icu/pom.xmlMD5: 683d713f7a9f5160e057ebfc57562cccSHA1: 58122b25799db246cb2252090af87cd508760860SHA256: dbeba72c0f319c23a37ea2bd3bb946d65b257f3221136e1705e0eb0fb77ba1b1Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.eclipse.orbit.bundles Medium Vendor pom artifactid ibm.icu Low Vendor pom name ICU4J 64.2 High Vendor pom groupid eclipse.orbit.bundles Highest Vendor pom parent-artifactid icu4j-parent Low Product pom artifactid ibm.icu Highest Product pom parent-groupid org.eclipse.orbit.bundles Medium Product pom parent-artifactid icu4j-parent Medium Product pom name ICU4J 64.2 High Product pom groupid eclipse.orbit.bundles Highest Version pom parent-version 64.2.0-SNAPSHOT Low Version pom version 64.2.0-SNAPSHOT Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.webtools.common:org.eclipse.wst.common.core:1.3.0-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.webtools.common/org.eclipse.wst.common.core/pom.xmlMD5: 543e8e36c78af563a74b762fdb927d4eSHA1: 33f1d63ff904e9a453e7d10c860bc7a4f7d99afaSHA256: 094226269c37e7bf6d2ce2758603cb50856509573147418fe160a6c974347ba6Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.eclipse.webtools.common Medium Vendor pom artifactid eclipse.wst.common.core Low Vendor pom groupid eclipse.webtools.common Highest Vendor pom parent-artifactid org.eclipse.webtools.common.plugins Low Product pom artifactid eclipse.wst.common.core Highest Product pom parent-artifactid org.eclipse.webtools.common.plugins Medium Product pom parent-groupid org.eclipse.webtools.common Medium Product pom groupid eclipse.webtools.common Highest Version pom parent-version 1.3.0-SNAPSHOT Low Version pom version 1.3.0-SNAPSHOT Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.webtools.common:org.eclipse.wst.common.environment:1.0.400-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.webtools.common/org.eclipse.wst.common.environment/pom.xmlMD5: 23e12f0ffc5443a91a01f6027114d555SHA1: c92a10f733762cefd08593bd76a4ce29d116a07fSHA256: 332a71276fce9a4f2aab451c6e0184b97675cbc9733eaf351c844dfb5fab165fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.eclipse.webtools.common Medium Vendor pom groupid eclipse.webtools.common Highest Vendor pom artifactid eclipse.wst.common.environment Low Vendor pom parent-artifactid org.eclipse.webtools.common.plugins Low Product pom parent-artifactid org.eclipse.webtools.common.plugins Medium Product pom parent-groupid org.eclipse.webtools.common Medium Product pom groupid eclipse.webtools.common Highest Product pom artifactid eclipse.wst.common.environment Highest Version pom version 1.0.400-SNAPSHOT Highest Version pom parent-version 1.0.400-SNAPSHOT Low
jsdt-core-2.8.0.jar (shaded: org.eclipse.webtools.common:org.eclipse.wst.common.frameworks:1.2.201-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.webtools.common/org.eclipse.wst.common.frameworks/pom.xmlMD5: 295247c91a7eb0eee40bcdd82767abf9SHA1: c5d9f6dadb5d3ad7b3fc1c51c0903900bd85e8adSHA256: 1ec20fc51faa17af57e0852d71c897f79e9d674fe8c1204c1df29d2050fe7721Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid eclipse.wst.common.frameworks Low Vendor pom parent-groupid org.eclipse.webtools.common Medium Vendor pom groupid eclipse.webtools.common Highest Vendor pom parent-artifactid org.eclipse.webtools.common.plugins Low Product pom parent-artifactid org.eclipse.webtools.common.plugins Medium Product pom artifactid eclipse.wst.common.frameworks Highest Product pom parent-groupid org.eclipse.webtools.common Medium Product pom groupid eclipse.webtools.common Highest Version pom parent-version 1.2.201-SNAPSHOT Low Version pom version 1.2.201-SNAPSHOT Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.webtools.common:org.eclipse.wst.common.project.facet.core:1.4.400-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.webtools.common/org.eclipse.wst.common.project.facet.core/pom.xmlMD5: fd76fc94693c3e737694ebd4440a219fSHA1: a4eaf670c92c2c448f6db304f57110bb83c6c71bSHA256: a0b38af31ccd6b445638d38339f0b655e4281146ff0f9cb192c7f21b09598e38Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.eclipse.webtools.common Medium Vendor pom artifactid eclipse.wst.common.project.facet.core Low Vendor pom groupid eclipse.webtools.common Highest Vendor pom parent-artifactid org.eclipse.webtools.common.plugins Low Product pom parent-artifactid org.eclipse.webtools.common.plugins Medium Product pom parent-groupid org.eclipse.webtools.common Medium Product pom groupid eclipse.webtools.common Highest Product pom artifactid eclipse.wst.common.project.facet.core Highest Version pom parent-version 1.4.400-SNAPSHOT Low Version pom version 1.4.400-SNAPSHOT Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.webtools.common:org.eclipse.wst.validation:1.2.800-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.webtools.common/org.eclipse.wst.validation/pom.xmlMD5: 24d0dffd75923b2eacf75d46ed248574SHA1: 67782da2b1deb62f146b6450dc467dc271a53818SHA256: 40940e5fb624d88c2ae80310e83fcb8d2985879cdf01c283b8a221f33e6485cdReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid eclipse.wst.validation Low Vendor pom parent-groupid org.eclipse.webtools.common Medium Vendor pom groupid eclipse.webtools.common Highest Vendor pom parent-artifactid org.eclipse.webtools.common.plugins Low Product pom artifactid eclipse.wst.validation Highest Product pom parent-artifactid org.eclipse.webtools.common.plugins Medium Product pom parent-groupid org.eclipse.webtools.common Medium Product pom groupid eclipse.webtools.common Highest Version pom parent-version 1.2.800-SNAPSHOT Low Version pom version 1.2.800-SNAPSHOT Highest
jsdt-core-2.8.0.jar (shaded: org.eclipse.webtools.jsdt.bundles:org.eclipse.wst.jsdt.core:2.0.303-SNAPSHOT)File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\META-INF/maven/org.eclipse.webtools.jsdt.bundles/org.eclipse.wst.jsdt.core/pom.xmlMD5: 82ca4b3035969988bd92227b23c3b1c2SHA1: 2bcebe25714d3391dbd406a0dd35e4772610b4d8SHA256: 81046414a0473a3f6df4d13135574e033a5f8f2ba78766215baea1c97c51fc8aReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.eclipse.webtools.jsdt Medium Vendor pom groupid eclipse.webtools.jsdt.bundles Highest Vendor pom artifactid eclipse.wst.jsdt.core Low Vendor pom parent-artifactid bundles Low Product pom parent-groupid org.eclipse.webtools.jsdt Medium Product pom artifactid eclipse.wst.jsdt.core Highest Product pom groupid eclipse.webtools.jsdt.bundles Highest Product pom parent-artifactid bundles Medium Version pom parent-version 2.0.303-SNAPSHOT Low Version pom version 2.0.303-SNAPSHOT Highest
jsdt-core-2.8.0.jar: array.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\array.jsMD5: 5ebdd35a764203ab7e37006f1ef2b1f1SHA1: 3704e009e8de6c51907dd5f5470716f68e3f4ca8SHA256: c89622e10fce43aa0a6609b3ca69b9a329b26219e737a49641f027a917cd7e51Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: base.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\base.jsMD5: 47a85d409d1734a7c62dcc6550348a19SHA1: 7ac0bcc7dd25bf789817d1c5b3918bb16b0cdbe5SHA256: 77f804c60e34db52d587e0fcc67de96dd540554c32dfa35ab44987e79413a5f2Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: baseBrowserLibrary--WrapperObjects.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\libraries\baseBrowserLibrary--WrapperObjects.jsMD5: d05e189053e606afe0263b5e2bd15368SHA1: e8af0f20f071aeddde469911ccad876363d4d4a6SHA256: 9b66537ffda799337ca4eabfd12e6ecfd9e0502ef87d475f80f0e2c03c608455Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: baseBrowserLibrary.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\libraries\baseBrowserLibrary.jsMD5: 3ae87d09b4add97c3c03aaef34566e97SHA1: 15c7811f37dd11b534c96e880ea6395c88079827SHA256: f906cb3bc1e81032301f66d160b69cc5c445eecc16b6096709263579c65f4712Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: browserWindow.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\libraries\browserWindow.jsMD5: f133458548410e92c7d8cdf29e09ee5bSHA1: a339b9807bc1be244144cc9ff699cd17e99eb064SHA256: 6cda77d19e4f3112955847c980eec10a55ac869379eaa0d32b90036bd05d5d1fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: dom5.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\libraries\dom5.jsMD5: cde83d884d33f1571290b9fa75d531ccSHA1: 52bb7ec0b883900f139c35ac1ffa2d7a523462afSHA256: 0f879ca5be7eed2de03309ab76a63be58c0a36853492e385b6ee975f9b24fff4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: es6_dart_runtime.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6_dart_runtime.jsMD5: 3f97ac71c0905ac9cc726cd311ae6846SHA1: c16a9e7210228a1297a201eab21b525613e74f24SHA256: c6c7118984a9860354a8b7110f43e3859b00340fca422f5afcef10c736433f72Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: es6_runtime.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6_runtime.jsMD5: 01853858e9016b49fc7332bc9cf9b8b6SHA1: 2459c0c8e1c8f15cb111f07c2d55645e5f8b4920SHA256: 3f0dfe2f2d99bc733b04566411041012698c4cf5d7fcc2ca8f2d6b2c6389fd4cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: chrome.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\chrome.jsMD5: a8c3d3ed25fdf263178f4b2d07381504SHA1: 30e959c8d059e3bd70b79a819a3aea0d2336ab1bSHA256: 449f25999ab9cbd58731dffbcf61b44b2a07733c7ae7dbb2a783745d3a68a72eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: deprecated.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\deprecated.jsMD5: 9dedb947e6cd299f01cb137b49b0191aSHA1: 8b7b3a25544738af67002c146d318732ad5c6a78SHA256: 2f9ae28b94f2e2841d714b6c8ce4c941bf05b3ca3924a0690ee161d1c3daa818Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: es3.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\es3.jsMD5: be92788feec272698b36f48bffc46644SHA1: 7c575ad6c52433c0a975e3fbeba5a1379188b875SHA256: 4daf038a65847f055cec687209134a1b63598bc5d94ca1309cef637108797dbfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: es5.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\es5.jsMD5: 5fc04d32a0a6472ff6018a744008363fSHA1: 2b3c40d49b5351f0e42a2bff6c6d84197154fbf9SHA256: 2bb3b9e06e137b91f33afe6ea46afcb2f8a0debd721ff36122512c089a9745bfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: es6.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\es6.jsMD5: 8c89d6ee096d918c0dc3a8aeb7ad4b5eSHA1: f829138a9bc42d6007fbba7b7e31829da6c4a2d2SHA256: 408e7e2c5c2f81f650cf79a55b4a19b7b1f742d61e28774b0a9eb6ce0f3eaf9cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: es6_collections.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\es6_collections.jsMD5: e2666dea1316efd4b876c8efb4be1adeSHA1: 5ec3155efcf54de2ea23d49531d94cfe08de6581SHA256: 025070dabc5225416b80894aff890dd182d3dc538c46ffbcf5cf1c2f952bbd12Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: fetchapi.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\fetchapi.jsMD5: b4fc3e7841123b7a09c55a2ef00c0a3aSHA1: ffd06038372559c7b69093c206c2fd0cfd248180SHA256: bde9ee0fa763fb372d9ea67aac1a53207ccd5a8ef64d9fd30179fc35abdf9025Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: fileapi.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\fileapi.jsMD5: ed9d2ddbb010081413838fbd3a1db1b6SHA1: 1ac4c1bc4270ac20f27f8ea0f0e759542351361aSHA256: 78a5593378f4fe81ad0c12bed84b25a929363bd7877fdf0ee0168c23476d7ec8Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: flash.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\flash.jsMD5: c3943b3172436bfdab82b20cc94c3602SHA1: 869396cce326b27e2142a2f4f231c83fc7a81f50SHA256: 2460c129082268834757506f13f68387787f5fc7e3ea01eb4c997282f18dada3Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: gecko_css.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\gecko_css.jsMD5: 67aaa3518c2a32f9c4f1ef6d5c4e777eSHA1: 73cd2ca3ca15d682b1a9318aef162f056222bd5cSHA256: 1e4349fac990c3dd879ab425e04fb3d191ec975ff6c3efe5370ebdb1b6db25b5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: gecko_dom.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\gecko_dom.jsMD5: f756e2fcd6682a885fde1220f81f1aadSHA1: e393714adf2520163b6acef7adf5e711072deb70SHA256: 95262a296df94853e82d0577989bcf57fb2a1212f85f81044b80ba6801230163Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: gecko_event.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\gecko_event.jsMD5: 6d6fd1003df7e2e5c1c796352c21821eSHA1: 9d3be9467ae537ebdbe54d2a3830e518a7dda393SHA256: c4b31b073bdc21f62b122776230860c63baf5f3da9be828d46834f51b1a8fad4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: gecko_xml.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\gecko_xml.jsMD5: 39f8c44aa66e91e074ccaebad5f3e6a0SHA1: b65f410cae64587a0cda5bce8948abfddea15c86SHA256: f559a8c34d5f5340d16f2ff913a366133853add8548d6ee21b2a2516a828785cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: google.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\google.jsMD5: 08f6d8086494b22b4e6ebdcd4fea67b3SHA1: d01704dca7e7b6455ff8fbdeb2a3323b9a731bc5SHA256: 543bcc2ee9df2652fa83752761fdeade58764b28db5eb4c37e19bff24d2d5087Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: html5.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\html5.jsMD5: 30a482a823edf49ce0dd9c13253ee976SHA1: d7db9f3c9adb7ea08f2d762bff893e2629967af3SHA256: 3ca41a13c44af1a1ffe7f7cfce18b8846b14f965624a8e601216aac166687f16Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: ie_css.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\ie_css.jsMD5: 35b69c7e820ffe669ff4aa87c310df0cSHA1: ce5c98f9cadb69c34100ed81aca181071e3b25f7SHA256: 7d0093dd5264b2b3426b795bd520c84db8a36622b19d0c9c622de286022c190bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: ie_dom.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\ie_dom.jsMD5: 7f00624c353ebacf7a14d6fc4008b117SHA1: c9eefb18ed021e32734daa86fc24b1cc1d1cca0aSHA256: 9bcf3d55cf76a6c2b3dfecb6a4e32004b09b6e577fdb58ddf760f523ef783abdReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: ie_event.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\ie_event.jsMD5: 60f5191a5fc513f6336fa8c65d7f6096SHA1: a3d5960f82cfbd2611d4629cef71422dc686e36bSHA256: a366a772138c42b33cc205b76ccfe50473417246e056407c56243831189a8f43Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: ie_vml.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\ie_vml.jsMD5: 60ae456305dba0f115c54f1039582c2eSHA1: d6e8c711d6a4dd474d11a1d1931e0470920252baSHA256: 5ef66db08419c2d163577d3318fdaa313782e1cd316a230867bcad26bf34df88Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: intl.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\intl.jsMD5: 85fc3b4be4b998333231af8671cf34f0SHA1: 695411055aee8768f859764b6a9ea8df2219a1ebSHA256: 62ab46cdba1087579f797142c1c759fe70fb22150beffc9cd71818553b5781e3Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: iphone.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\iphone.jsMD5: bf335eea25f9907ec248c2baffa3bf2eSHA1: 1c1d358d362a314781163d6fbe4674e986be896dSHA256: 48cae7784b8ec28077bb953f17afbc3b3478f203caf26335c5235a903351e983Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: mediasource.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\mediasource.jsMD5: b85b88ef51d23056be43e2820eadedaaSHA1: 6d0207fdef63502237d8f3b21a177970168b24aaSHA256: 3d702d4bc07ffca351610e37c27f717f428ddedd86870b3fb8c1d6b8131ae0a0Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: page_visibility.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\page_visibility.jsMD5: c31f1dcae0e3f4ee55a2992a6cfb9a6fSHA1: 5087faab5e23d4936ee84940751219baf1f85e85SHA256: 4bd9c80e5715f9ec9463047d91cf107e388c6c739d0da8f1c5c6f3dbbe805060Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: streamsapi.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\streamsapi.jsMD5: f917323820ee774b1f6c2b8c12457a26SHA1: 9d0db4d8ecadb68dce0a4ab49f817ec394bdcfecSHA256: dcb913d44cfa07a0ebd1c4154e6d56dc9cd69f785f1499fefd3283b912741f5dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: url.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\url.jsMD5: 435ff1d98cbc41b91f6a7c135bb828ddSHA1: 35e68dc7eaba085a938f01d73bcd8914bbbc1f1dSHA256: b2c58542f09610913ec2dbb005f209091cb2093ae049c78535974213f5833a32Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: v8.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\v8.jsMD5: 78ea6f5efe5ba68063ba03d65cf4e410SHA1: f53512fede0334d5a6269234b4a85ffa6fb407fdSHA256: a82c8974e267b39e8495af54f7899e0e1e607f2553bef7d966ff7295905e9367Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_anim_timing.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_anim_timing.jsMD5: 1fe3e217ddab983ec7b7a4e5a1b77223SHA1: 175df8c9733965c7ba49ae2cd439139f6d5b2307SHA256: 494ae487dc9543cb8de888456f0e821a760defdddc097eee58671439d73b77ecReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_audio.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_audio.jsMD5: ab07cdf5ed4c999b383e645a0c427cc6SHA1: c93e744ad462fcb866eae1b756504b407cd26002SHA256: 65e22e1e1c2e018749e9925be4267d262efb809ea389cfab2612c42dcee2a6f7Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_batterystatus.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_batterystatus.jsMD5: b52fb8487f0cb51252211726cf81f590SHA1: b51f37f485d6f121ab672934a4f792d9112212d1SHA256: d5265d4b2a005be6295eb53a252a784ef7deabf71dd29659c09a9a960c6a5276Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_css.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_css.jsMD5: 60737c14d553b3e35d93c0d6ae585de9SHA1: 5411cf2efd9aef3d4e154babcd84c29440c8938cSHA256: d07076c17b86a1af7772cc515bddd2695b7346ba43fb1d825849b9891f3a7b6bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_css3d.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_css3d.jsMD5: e63a7178e1cdc348a76e26e56e696991SHA1: 5b6adb87df8c43971b03b029b7306bed4e51c81fSHA256: a39261f1f581aa0d479c13918c639ddef409522d8a6af4934bb4d2b7778865d6Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_device_sensor_event.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_device_sensor_event.jsMD5: ee5ee9c532cd5f8cd55d1042bce75ccbSHA1: 3244c6a7bdf4a600e82a077324e3ddae7177ba5cSHA256: f6554292b73133cfea0a64a5e41ee6a09a025a5fff988d0d145ec289b5d59744Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_dom1.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_dom1.jsMD5: 2db064b5746b7170cf4edf2efa915f1bSHA1: 6c39ccfba79f0b626258557db778d3f52216aa82SHA256: 52ac9e10057feeee0c3139b77fa5f3ac7ab3b090dca5f0bd5c39b53a58eb32b1Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_dom2.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_dom2.jsMD5: df8c960dee87ad7d18323704be90a266SHA1: dca14b4b70fcf42229fc03c2adb9bdc698b7a4b9SHA256: 7f134740f547c2828e5302be7a41543ec3772e5db9b50b9c6836b7c3b98db2a9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_dom3.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_dom3.jsMD5: b761db7bde09b186fcd259714c66adaeSHA1: 9cbb632c3dc32b6a4839773c5d3fb8b20234adc5SHA256: 21749f338825548348c896ff5bccf0dd7a5363a6997fcbd78fcf1de87bec25c2Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_elementtraversal.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_elementtraversal.jsMD5: 07f36c9524db9f5b7ddce0119307588dSHA1: cb36b751d5a548d6bba0a4852ca6ddf4c349c5adSHA256: b356bad9a96232edd7791445233048ad5a6931399f0f31f3eb13f1df7aec0cbdReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_event.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_event.jsMD5: 17ce3ca4298e2ec7a15c8fbb1b064409SHA1: b9eb14d663766794181b9886e4c94d863d1c9d31SHA256: e391cabc3e3211e21eba14e22ae705d7b75d96715bd93dcf629eb16011caa13eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_event3.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_event3.jsMD5: f1aea693d2b4b162eb2c86e2f5c82ff7SHA1: 56baf603f9502b069c4059cbf88c8c963460bebfSHA256: a6317a608686d91b6bd256c1f2f7cf32c189223f5a3103acacd28e33e22a26daReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_geolocation.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_geolocation.jsMD5: 6a1a2a9e61827ca1b768964a48c11b06SHA1: 70f82734f9cdab489926b2340c941b2bcdd951e5SHA256: cd6c6d58b98388d2f44fe065fd9559a824d20a970fd8c92cf578b310ad420ca9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_indexeddb.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_indexeddb.jsMD5: 743bd47f9562b13d7b1e418584a685f2SHA1: 3bdefae45541db26e60a8de796011bd88710e6d6SHA256: 8532227c2aade86387904ac11ac39e5eb25416f3e405241fc95555eb74df044aReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_navigation_timing.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_navigation_timing.jsMD5: e330fc2ccb20d6960a87a733f469cce1SHA1: 9837c26bf6740780943b48dfe23aa0eda79654a7SHA256: 15a9bcbdf8314a8e72950113388de347ccf59c3d52ca18fe8e1ea65a89a98beeReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_range.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_range.jsMD5: 9280ab6d995d7a6a7a0cf8780c5eb6a8SHA1: 041f31a41f5e771ba0169f35510d4ee6f53eb842SHA256: 54c1cc802e17ec86c5718bc66e8ef5185d3f795dbfa5f96b95e62733735cb463Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_rtc.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_rtc.jsMD5: f231f71890c4f64f3807c5bca0115615SHA1: 38e1b2a789fbb64335e30f76da599aba2a21257cSHA256: 8e65068f188cf3763843c7ae51c48125a6cde3095aabfd7d94ce23c3e5117610Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_selectors.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_selectors.jsMD5: 3c57afd5add4e0c92a015ace5557118bSHA1: 4072d2cd12c7c9144fee3910c8f8780352cdc731SHA256: 72bf5b1b0f134643605e66c12b9b0b0273474abb6db9bd46053e3c72dfa7a53fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_serviceworker.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_serviceworker.jsMD5: e0bfafe6656a4e00b0e4c99a983d62f3SHA1: 30e91d3291bd949107164243b8fded6d254c9d6dSHA256: 42969e0fa3c95bf829e286ed149642cf5e273e26177438a8c4e2514db3e12b32Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_touch_event.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_touch_event.jsMD5: c6bf031c0fa08b3979bf413945d5317aSHA1: f81cfa30bc41065d732361d9b2ebe28cbbe7199fSHA256: 60604bc46a663e05e6cb5af473b03d2857543834615e857e4be2a745066dbd6dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_webcrypto.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_webcrypto.jsMD5: 4f207d06502c2b7c265c8f6c2fced610SHA1: 1240cdfdec79988180ab9d098284c46d3627a7a2SHA256: dbe1b0c5d5be7bebcc5a14bf3dd3bc068a32360a21207012b2ae7d53f8a4c799Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: w3c_xml.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\w3c_xml.jsMD5: 2085f926303acc14b632763d90d7d33eSHA1: 4c2f9718e6083d250ee5ecf27f55cc5978cc36cdSHA256: 4395dfc9acfe80a3149a31160ca4e10838f13a58150055f515f5f137cd42c22cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: webgl.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\webgl.jsMD5: 60a42c2592c8012a5f7717e8b815a086SHA1: 64cc6d88cef1873fdb2641cadeb0df356236ffd9SHA256: 7323bed31c69f361f6330cf6c5a9f837182e16de85f952a409124c93954faf28Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: webkit_css.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\webkit_css.jsMD5: d065e977d8dd03befef5ffcd10ff730eSHA1: 80dbd1129d42c398e31a2e87f37c22af4977d049SHA256: 00690a7626af792a45594b1635cd5966fef3353e334a952f4b009ce5c8cea8b0Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: webkit_dom.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\webkit_dom.jsMD5: 27ee24f02c6e78dd1b24c2637d6843fdSHA1: 5c53eb198295a6f62f2450ae42ef63b9bf155850SHA256: 2a771b9e72dabbaac316fca29888fb22a2474758875c96db6a35f7f5aa3e4ff5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: webkit_event.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\webkit_event.jsMD5: 5be3b6adf6ccfa6db2c8511bdc08b71cSHA1: 739be63a55c0624c7c97aa88a88304e9438a9c11SHA256: b569b0787a53b7956589c511a32e538816ab756a2b516eda3ad77f0b77e57b93Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: webkit_notifications.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\webkit_notifications.jsMD5: b02f8bcb3386a0f93340d062ddaf0d8bSHA1: a01cce2910bf13d46b727e9acb986ec4fc7ac337SHA256: 2f496cb6614d04904df919d78117655a53142f595a6b787092881c32c7d636b9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: webstorage.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\webstorage.jsMD5: 20243f9802deb2e4e51e722a41b69705SHA1: e75f13f206eac3a8501ea721c4beee0bef513c3aSHA256: 62763237d60f5d04186237fe3838aba6b74eaa3a6e31d73e0556f9aa265db330Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: whatwg_encoding.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\whatwg_encoding.jsMD5: 52a7df1198b79deee4fe0ce3f46645d2SHA1: b31fe97ef3b3638162c575baefa57fe09d2de487SHA256: 84a1b24e2884866af6540eac3b1f660d3907fa528bdf6f4af9d43e97f41824a7Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: externs.zip: window.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\externs.zip\browser\window.jsMD5: 18744f57cbe574bb8e8373ae6ec54e38SHA1: 87d624bcad66672166dd362d2a8e44a5cbac7424SHA256: 0e9bda4e3eb9d2bab8afaa4bb19e2024dfda5a48b3b585f7275e86febccf3fbeReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: fix_throw_error.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\refactoring\examples\fix_throw_error.jsMD5: cc900c03c3fc624a5b91b006c442a2f5SHA1: aefb0f9338253fa193c9fdeacfd72e703e767382SHA256: e26633f6c682a8ab840fcddfc6845d1f62fe89fb96805e054d669a72627abd4fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: license.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\license.jsMD5: 23015270beb20de9f31447938eabeba5SHA1: c67f47c0448659727a1b264b4a58e0d6191c293fSHA256: a7232aaf67e6118ad4b4d702ae2223df5cc177a184485358d97e75b868554bc4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: map.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\map.jsMD5: 6f86d1ea611f03e8b36ad1857629e51eSHA1: 645b18c9891f44dc5d7e9586e02e33ddb940c57bSHA256: 3a547953f381217d7223f9f631e5f9943fa631fb78c54402b27dd8c7ff1aff1cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: math.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\math.jsMD5: 35e23b803ca36458f3dfe2123ce204caSHA1: 8d0ba80aa1ba511d013d5b3236d70a2c51d7d5bbSHA256: a293490fb74e603fda07f7355fd5a71fad33fff819f81626f512fa44fd148a9eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: number.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\number.jsMD5: c7263d9af5aa1b7a9f8af612ba94cd0fSHA1: 82db733a7df7f481223ee4ee4aa1a3ff52138701SHA256: 49593b0ff2493a19500eba5d8397a474ffed81976392416e5d5574ce3bb0e5f2Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: object.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\object.jsMD5: 3d71f31a0b070c22acaa0da02166a463SHA1: 96a42f7aba0ff0b87f8e48eeee18bb2486666f23SHA256: e742b7add362fc97045e6af9ec865480dcaef4cc44bcd383ab32d5ac9d08086fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: resources-ant.jarFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\ant_tasks\resources-ant.jarMD5: f986cf80fffe438eee8302e726e25d42SHA1: 12f2008d2c32a49704fc56bb60914fda63437ffdSHA256: dd0220679f834864f7cbd8132d467ee6e5d1ac4ddb614458024c1185b1f9a1f1Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name resources-ant High Vendor jar package name resources Low Vendor jar package name eclipse Low Vendor jar package name core Low Product file name resources-ant High Product jar package name resources Low Product jar package name ant Low Product jar package name core Low
jsdt-core-2.8.0.jar: runtime.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\runtime.jsMD5: aa4dffa97df8f3257d79c5402a9af5f1SHA1: 0d4423187ddfe20c5a30bb7772e322be467166f3SHA256: 26e28276e2e7078d3894036e4d1d6bb6738c77c6c6970f304de090af2c7f7c5eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: runtime_type_check.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\runtime_type_check.jsMD5: f49422a74446ba7b8889a5fc2d6942a6SHA1: 38e316af7e901747e1a1d7974c9b65992124d450SHA256: 559a4a74c419aa6962ae96afaa9968cc24e0ad1862493125a0d6e504c224961fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: set.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\set.jsMD5: 5fc92f2cb8328d98398f1d28f51a0e66SHA1: 0a364ddab1befc7988ee752decfac306f433015fSHA256: 483ae298e0a7c0cbda1986c4568848b570a06d8c0e177cd512b0186e4b6a8a6cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: set_anchor_href.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\refactoring\examples\set_anchor_href.jsMD5: d19ba5c467d75aefb3ec7cfdb81a3cd0SHA1: 127aba66b06b2e2351ac0ea17e191dfe5be6d85bSHA256: debf422593426b2d4404a081572bf376f6b6a5d719fa40a4aae7d97d18a5bc89Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: set_location_href.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\refactoring\examples\set_location_href.jsMD5: 7fa313f20f1a9d4e2c55578145b74debSHA1: 59f699a3be0cf9f08915f7f4557dfb335233217aSHA256: a020e191e0d2ae064ce0292fda4b3c97c44254ffdc6cc36ab62dc9c4afbb142cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: string.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\com\google\javascript\jscomp\js\es6\string.jsMD5: 358597e22af39e465fe4f19b8606c675SHA1: 99de3439a92e8cc689dff30e7e878d97f4c11d31SHA256: 1be5f6d476c6bd335a540b16ff1e0e9f014242314079e4c68704622eb937d083Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: system.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\libraries\system.jsMD5: 3d5788b2aae4ae50a64842e699023530SHA1: dc499b8fdc3aff89d0e0feb6f6427cb5224ea500SHA256: e5b336db286aca5e74930202cb759c61bee88c0f57d759c9b6da8cbe924b5151Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
jsdt-core-2.8.0.jar: xhr.jsFile Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\jsdt-core\2.8.0\jsdt-core-2.8.0.jar\libraries\xhr.jsMD5: 04ce37a9206b543480f39ab4eaa896dcSHA1: 40adf7308857dd8dc9847a4669f458981b6a8729SHA256: 72d5dee08d593a646142713b0fc2949fd3b840083ad794627eacb75041267ce8Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
json-20090211.jarDescription:
JSON (JavaScript Object Notation) is a lightweight data-interchange format.
It is easy for humans to read and write. It is easy for machines to parse and generate.
It is based on a subset of the JavaScript Programming Language, Standard ECMA-262 3rd Edition
- December 1999. JSON is a text format that is completely language independent but uses
conventions that are familiar to programmers of the C-family of languages, including C, C++, C#,
Java, JavaScript, Perl, Python, and many others.
These properties make JSON an ideal data-interchange language.
License:
provided without support or warranty: http://www.json.org/license.html File Path: C:\Users\Jeremy\.m2\repository\org\json\json\20090211\json-20090211.jar
MD5: 333139fffc6c9d4bc3d2495d9613f092
SHA1: c183aa3a2a6250293808bba12262c8920ce5a51c
SHA256: 055be110a570f9cda3eba8d70a006ff46c77a048bc67868524879211c48b330a
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid json Low Vendor pom groupid org.json Highest Vendor pom name JSON (JavaScript Object Notation) High Vendor jar package name json Low Vendor file name json-20090211 High Vendor jar package name json Highest Vendor pom groupid json Highest Vendor pom organization name JSON High Vendor pom organization url http://json.org/ Medium Vendor pom url http://www.json.org/java/index.html Highest Product pom name JSON (JavaScript Object Notation) High Product file name json-20090211 High Product jar package name json Highest Product pom groupid json Highest Product pom artifactid json Highest Product pom organization url http://json.org/ Low Product pom organization name JSON Low Product pom url http://www.json.org/java/index.html Medium Version file version 20090211 Medium Version pom version 20090211 Highest
jsoup-1.13.1.jarDescription:
jsoup is a Java library for working with real-world HTML. It provides a very convenient API for extracting and manipulating data, using the best of DOM, CSS, and jquery-like methods. jsoup implements the WHATWG HTML5 specification, and parses HTML to the same DOM as modern browsers do. License:
The MIT License: https://jsoup.org/license File Path: C:\Users\Jeremy\.m2\repository\org\jsoup\jsoup\1.13.1\jsoup-1.13.1.jar
MD5: 5ee148bf2db7c6d81edb7904e970e9db
SHA1: f9577f3732bb7caa4fee8aba5053158f4010c118
SHA256: e2b99c0d2fa39f69f27efb1c0016390713feb2f2e02d8ea7f1c36b780271598a
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name parser Highest Vendor Manifest bundle-docurl https://jsoup.org/ Low Vendor pom name jsoup Java HTML Parser High Vendor pom groupid org.jsoup Highest Vendor Manifest bundle-symbolicname org.jsoup Medium Vendor jar package name jsoup Highest Vendor pom artifactid jsoup Low Vendor Manifest automatic-module-name org.jsoup Medium Vendor pom organization name Jonathan Hedley High Vendor pom groupid jsoup Highest Vendor file name jsoup High Vendor pom url https://jsoup.org/ Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Vendor pom organization url https://jhy.io/ Medium Product pom organization name Jonathan Hedley Low Product pom url https://jsoup.org/ Medium Product pom artifactid jsoup Highest Product jar package name parser Highest Product Manifest bundle-docurl https://jsoup.org/ Low Product pom name jsoup Java HTML Parser High Product Manifest bundle-symbolicname org.jsoup Medium Product Manifest Bundle-Name jsoup Java HTML Parser Medium Product jar package name jsoup Highest Product Manifest automatic-module-name org.jsoup Medium Product pom groupid jsoup Highest Product file name jsoup High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.7))" Low Product pom organization url https://jhy.io/ Low Version Manifest Bundle-Version 1.13.1 High Version pom version 1.13.1 Highest Version file version 1.13.1 High
jsp-api-2.1.jarFile Path: C:\Users\Jeremy\.m2\repository\javax\servlet\jsp\jsp-api\2.1\jsp-api-2.1.jarMD5: b8a34113a3a1ce29c8c60d7141f5a704SHA1: 63f943103f250ef1f3a4d5e94d145a0f961f5316SHA256: 545f4e7dc678ffb4cf8bd0fd40b4a4470a409a787c0ea7d0ad2f08d56112987bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name servlet Highest Vendor jar package name javax Highest Vendor Manifest Implementation-Vendor Sun Microsystems, Inc. High Vendor Manifest specification-vendor Sun Microsystems, Inc. Low Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor pom groupid javax.servlet.jsp Highest Vendor pom artifactid jsp-api Low Vendor jar package name jsp Highest Vendor file name jsp-api High Vendor Manifest extension-name javax.servlet.jsp Medium Product jar package name servlet Highest Product jar package name javax Highest Product pom groupid javax.servlet.jsp Highest Product Manifest specification-title JavaServer Pages(TM) Specification Medium Product jar package name jsp Highest Product pom artifactid jsp-api Highest Product file name jsp-api High Product Manifest extension-name javax.servlet.jsp Medium Version pom version 2.1 Highest Version Manifest Implementation-Version 2.1 High Version file version 2.1 High
jsr250-api-1.0.jarDescription:
JSR-250 Reference Implementation by Glassfish License:
COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.html File Path: C:\Users\Jeremy\.m2\repository\javax\annotation\jsr250-api\1.0\jsr250-api-1.0.jar
MD5: 4cd56b2e4977e541186de69f5126b4a6
SHA1: 5025422767732a1ab45d93abfea846513d742dcf
SHA256: a1a922d0d9b6d183ed3800dfac01d1e1eb159f0e8c6f94736931c1def54a941f
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://jcp.org/aboutJava/communityprocess/final/jsr250/index.html Highest Vendor jar package name javax Highest Vendor pom groupid javax.annotation Highest Vendor pom artifactid jsr250-api Low Vendor file name jsr250-api High Vendor jar package name javax Low Vendor jar package name annotation Low Vendor jar package name annotation Highest Vendor pom name JSR-250 Common Annotations for the JavaTM Platform High Product jar package name javax Highest Product pom groupid javax.annotation Highest Product pom artifactid jsr250-api Highest Product pom url http://jcp.org/aboutJava/communityprocess/final/jsr250/index.html Medium Product file name jsr250-api High Product jar package name annotation Low Product jar package name annotation Highest Product pom name JSR-250 Common Annotations for the JavaTM Platform High Version file version 1.0 High Version pom version 1.0 Highest
jsr305-3.0.2.jarDescription:
JSR305 Annotations for Findbugs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\google\code\findbugs\jsr305\3.0.2\jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256: 766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope: dependency-plugin-tracker:provided
Evidence Type Source Name Value Confidence Vendor pom artifactid jsr305 Low Vendor file name jsr305 High Vendor Manifest bundle-symbolicname org.jsr-305 Medium Vendor pom groupid com.google.code.findbugs Highest Vendor pom groupid google.code.findbugs Highest Vendor pom name FindBugs-jsr305 High Vendor pom url http://findbugs.sourceforge.net/ Highest Product file name jsr305 High Product Manifest bundle-symbolicname org.jsr-305 Medium Product Manifest Bundle-Name FindBugs-jsr305 Medium Product pom artifactid jsr305 Highest Product pom groupid google.code.findbugs Highest Product pom url http://findbugs.sourceforge.net/ Medium Product pom name FindBugs-jsr305 High Version pom version 3.0.2 Highest Version file version 3.0.2 High Version Manifest Bundle-Version 3.0.2 High
jul-to-slf4j-1.7.25.jarDescription:
JUL to SLF4J bridge File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\jul-to-slf4j\1.7.25\jul-to-slf4j-1.7.25.jarMD5: ab28124cb05fec600f2ffe37b94629e0SHA1: 0af5364cd6679bfffb114f0dec8a157aaa283b76SHA256: 416c5a0c145ad19526e108d44b6bf77b75412d47982cce6ce8d43abdbdbb0facReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname jul.to.slf4j Medium Vendor pom groupid org.slf4j Highest Vendor pom parent-groupid org.slf4j Medium Vendor jar package name bridge Highest Vendor jar package name slf4j Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor pom artifactid jul-to-slf4j Low Vendor pom parent-artifactid slf4j-parent Low Vendor file name jul-to-slf4j High Vendor pom name JUL to SLF4J bridge High Vendor pom groupid slf4j Highest Vendor pom url http://www.slf4j.org Highest Product Manifest bundle-symbolicname jul.to.slf4j Medium Product pom parent-groupid org.slf4j Medium Product jar package name bridge Highest Product pom parent-artifactid slf4j-parent Medium Product jar package name slf4j Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom url http://www.slf4j.org Medium Product file name jul-to-slf4j High Product pom name JUL to SLF4J bridge High Product pom groupid slf4j Highest Product pom artifactid jul-to-slf4j Highest Product Manifest Bundle-Name jul-to-slf4j Medium Version Manifest Implementation-Version 1.7.25 High Version pom version 1.7.25 Highest Version file version 1.7.25 High Version Manifest Bundle-Version 1.7.25 High
license-maven-plugin-3.0.jarDescription:
Maven 2 plugin to check and update license headers in source files File Path: C:\Users\Jeremy\.m2\repository\com\mycila\license-maven-plugin\3.0\license-maven-plugin-3.0.jarMD5: 74d0bad1d33ea906812ce8ef4ca7085aSHA1: 6e6175f847574fd15c644a69b540e279ea5d173fSHA256: 525fe8f3ae8523d05eeda736645c41e9c330f025782b5b3de6ef0baacf2d78ccReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mycila Low Vendor file name license-maven-plugin High Vendor jar package name plugin Low Vendor jar package name mycila Highest Vendor pom groupid com.mycila Highest Vendor pom artifactid license-maven-plugin Low Vendor pom name license-maven-plugin High Vendor jar package name license Highest Vendor pom url http://mycila.github.io/${mycila.github.name} Highest Vendor pom parent-groupid com.mycila Medium Vendor jar package name maven Highest Vendor jar package name maven Low Vendor pom parent-artifactid license-maven-plugin-parent Low Vendor jar package name plugin Highest Vendor pom groupid mycila Highest Product pom artifactid license-maven-plugin Highest Product file name license-maven-plugin High Product jar package name plugin Low Product jar package name mycila Highest Product jar package name license Low Product pom name license-maven-plugin High Product jar package name license Highest Product pom url http://mycila.github.io/${mycila.github.name} Medium Product pom parent-groupid com.mycila Medium Product jar package name maven Highest Product jar package name maven Low Product pom parent-artifactid license-maven-plugin-parent Medium Product jar package name plugin Highest Product pom groupid mycila Highest Version file version 3.0 High Version pom version 3.0 Highest
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarDescription:
An empty artifact that Guava depends on to signal that it is providing
ListenableFuture -- but is also available in a second "version" that
contains com.google.common.util.concurrent.ListenableFuture class, without
any other Guava classes. The idea is:
- If users want only ListenableFuture, they depend on listenablefuture-1.0.
- If users want all of Guava, they depend on guava, which, as of Guava
27.0, depends on
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava. The 9999.0-...
version number is enough for some build systems (notably, Gradle) to select
that empty artifact over the "real" listenablefuture-1.0 -- avoiding a
conflict with the copy of ListenableFuture in guava itself. If users are
using an older version of Guava or a build system other than Gradle, they
may see class conflicts. If so, they can solve them by manually excluding
the listenablefuture artifact or manually forcing their build systems to
use 9999.0-....
File Path: C:\Users\Jeremy\.m2\repository\com\google\guava\listenablefuture\9999.0-empty-to-avoid-conflict-with-guava\listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jarMD5: d094c22570d65e132c19cea5d352e381SHA1: b421526c5f297295adef1c886e5246c39d4ac629SHA256: b372a037d4230aa57fbeffdef30fd6123f9c0c2db85d0aced00c91b974f33f99Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Guava ListenableFuture only High Vendor pom groupid google.guava Highest Vendor pom artifactid listenablefuture Low Vendor file name listenablefuture High Vendor pom parent-groupid com.google.guava Medium Vendor pom groupid com.google.guava Highest Vendor pom parent-artifactid guava-parent Low Product pom name Guava ListenableFuture only High Product pom groupid google.guava Highest Product file name listenablefuture High Product pom parent-artifactid guava-parent Medium Product pom parent-groupid com.google.guava Medium Product pom artifactid listenablefuture Highest Version pom parent-version 9999.0-empty-to-avoid-conflict-with-guava Low Version pom version 9999.0-empty-to-avoid-conflict-with-guava Highest
log4j-1.2.14.jarDescription:
Log4j License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\log4j\log4j\1.2.14\log4j-1.2.14.jar
MD5: 599b8ba07d1d04f0ea34414e861d7ad1
SHA1: 03b254c872b95141751f414e353a25c2ac261b51
SHA256: e3bff9ab64a09b1ac2800f3b5fb1e3d99728064acb6dd3924938507638a404fb
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid log4j Highest Vendor jar package name apache Highest Vendor pom organization url http://www.apache.org Medium Vendor jar package name log4j Highest Vendor pom organization name Apache Software Foundation High Vendor pom artifactid log4j Low Vendor pom url http://logging.apache.org/log4j/docs/ Highest Vendor manifest: org/apache/log4j/ Implementation-Vendor "Apache Software Foundation" Medium Vendor file name log4j High Vendor pom name Log4j High Product pom groupid log4j Highest Product jar package name apache Highest Product jar package name log4j Highest Product manifest: org/apache/log4j/ Implementation-Title log4j Medium Product pom organization url http://www.apache.org Low Product pom organization name Apache Software Foundation Low Product pom url http://logging.apache.org/log4j/docs/ Medium Product file name log4j High Product pom artifactid log4j Highest Product pom name Log4j High Version pom version 1.2.14 Highest Version manifest: org/apache/log4j/ Implementation-Version 1.2.14 Medium Version file version 1.2.14 High
Published Vulnerabilities CVE-2019-17571 suppress
Included in Log4j 1.2 is a SocketServer class that is vulnerable to deserialization of untrusted data which can be exploited to remotely execute arbitrary code when combined with a deserialization gadget when listening to untrusted network traffic for log data. This affects Log4j versions up to 1.2 up to 1.2.17. CWE-502 Deserialization of Untrusted Data
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
CVE-2020-9488 suppress
Improper validation of certificate with host mismatch in Apache Log4j SMTP appender. This could allow an SMTPS connection to be intercepted by a man-in-the-middle attack which could leak any log messages sent through that appender. CWE-295 Improper Certificate Validation
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: LOW (3.7) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions:
lombok-1.18.12.jarDescription:
Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more! License:
The MIT License: https://projectlombok.org/LICENSE File Path: C:\Users\Jeremy\.m2\repository\org\projectlombok\lombok\1.18.12\lombok-1.18.12.jar
MD5: 9a1e84dfd05b2a0821fc56298d6ed0de
SHA1: 48e4e5d60309ebd833bc528dcf77668eab3cd72c
SHA256: 49381508ecb02b3c173368436ef71b24c0d4418ad260e6cc98becbcf4b345406
Referenced In Project/Scope: dependency-plugin-tracker:provided
Evidence Type Source Name Value Confidence Vendor file name lombok High Vendor jar package name tostring Highest Vendor pom groupid projectlombok Highest Vendor pom groupid org.projectlombok Highest Vendor Manifest can-redefine-classes true Low Vendor pom name Project Lombok High Vendor pom artifactid lombok Low Vendor jar package name lombok Highest Vendor jar package name java Highest Vendor pom url https://projectlombok.org Highest Product file name lombok High Product jar package name tostring Highest Product pom groupid projectlombok Highest Product pom artifactid lombok Highest Product Manifest can-redefine-classes true Low Product pom name Project Lombok High Product jar package name lombok Highest Product jar package name java Highest Product pom url https://projectlombok.org Medium Version file version 1.18.12 High Version Manifest lombok-version 1.18.12 Medium Version pom version 1.18.12 Highest
management-api-3.2.2.jarDescription:
Eclipse ORB License:
EDL 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\external\management-api\3.2.2\management-api-3.2.2.jar
MD5: 871c42b743eed0bb8f8f9185518dd61b
SHA1: 722d59d719fbfe32635b8c7988fae457d3baec0f
SHA256: fa6d8ea08f0c59b3570c223a7e60329e17046573b79064a76affc558640f02d9
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid glassfish.external Highest Vendor pom name management-api High Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor pom groupid org.glassfish.external Highest Vendor Manifest bundle-symbolicname org.glassfish.external.management-api Medium Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor jar package name glassfish Highest Vendor pom parent-artifactid project Low Vendor file name management-api High Vendor pom url eclipse-ee4j/orb-gmbal-commons Highest Vendor pom artifactid management-api Low Vendor jar package name external Highest Product pom parent-artifactid project Medium Product pom groupid glassfish.external Highest Product pom name management-api High Product Manifest bundle-docurl https://www.eclipse.org Low Product pom artifactid management-api Highest Product Manifest bundle-symbolicname org.glassfish.external.management-api Medium Product pom parent-groupid org.eclipse.ee4j Medium Product Manifest Bundle-Name management-api Medium Product jar package name glassfish Highest Product file name management-api High Product jar package name external Highest Product pom url eclipse-ee4j/orb-gmbal-commons High Version pom version 3.2.2 Highest Version Manifest Bundle-Version 3.2.2 High Version pom parent-version 3.2.2 Low Version file version 3.2.2 High
maven-aether-provider-3.0.jarDescription:
This module provides extensions to Aether for utilizing the Maven POM and Maven metadata.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-aether-provider\3.0\maven-aether-provider-3.0.jarMD5: 859740166efa8857d7a598b05249ac24SHA1: 419f5eb63cf743a1a0f2a80ea5dde37fd1a4fec0SHA256: 1205a1f229999170dcadcfb885a278ad0bc2295540a251f4c438f887ead7bbd9Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor file name maven-aether-provider High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Aether Provider High Vendor pom artifactid maven-aether-provider Low Product jar package name apache Highest Product pom parent-artifactid maven Medium Product Manifest Implementation-Title Maven Aether Provider High Product file name maven-aether-provider High Product jar package name maven Highest Product Manifest specification-title Maven Aether Provider Medium Product pom artifactid maven-aether-provider Highest Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product pom name Maven Aether Provider High Version file version 3.0 High Version pom version 3.0 Highest Version Manifest Implementation-Version 3.0 High
maven-antrun-plugin-3.0.0.jarDescription:
Runs Ant scripts embedded in the POM File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-antrun-plugin\3.0.0\maven-antrun-plugin-3.0.0.jarMD5: b520f3ac6aa96c4ed30a118bb20a12a8SHA1: 563dea4c33cd57c9a9b12bddd3b082fba67165b5SHA256: 6aa9fc5624f57a2c404d43f825ecb96d0346b2c45606862f03af3667e958041dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-antrun-plugin Low Vendor file name maven-antrun-plugin High Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name antrun Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name ant Highest Vendor pom name Apache Maven AntRun Plugin High Product Manifest specification-title Apache Maven AntRun Plugin Medium Product file name maven-antrun-plugin High Product Manifest Implementation-Title Apache Maven AntRun Plugin High Product pom artifactid maven-antrun-plugin Highest Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product jar package name antrun Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product jar package name ant Highest Product pom name Apache Maven AntRun Plugin High Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High Version pom parent-version 3.0.0 Low
maven-archiver-3.5.0.jarDescription:
Provides utility methods for creating JARs and other archive files from a Maven project. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-archiver\3.5.0\maven-archiver-3.5.0.jarMD5: cbaa0287fff3b9dd80d6c72c4f4c03daSHA1: e9f5e403263aba6fb09b21383ffb3c7dd36749a7SHA256: 44da564ea37b05aba884f89da2525fbaaadcd3348547e2c679db0f5f40e43246Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-archiver Low Vendor file name maven-archiver High Vendor pom parent-groupid org.apache.maven.shared Medium Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor jar package name archiver Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom name Apache Maven Archiver High Vendor Manifest implementation-url https://maven.apache.org/shared/maven-archiver/ Low Vendor pom groupid org.apache.maven Highest Vendor pom parent-artifactid maven-shared-components Low Product file name maven-archiver High Product pom artifactid maven-archiver Highest Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product Manifest Implementation-Title Apache Maven Archiver High Product Manifest specification-title Apache Maven Archiver Medium Product pom groupid apache.maven Highest Product jar package name apache Highest Product jar package name archiver Highest Product jar package name maven Highest Product pom name Apache Maven Archiver High Product Manifest implementation-url https://maven.apache.org/shared/maven-archiver/ Low Version pom version 3.5.0 Highest Version Manifest Implementation-Version 3.5.0 High Version pom parent-version 3.5.0 Low Version file version 3.5.0 High
maven-artifact-3.0.5.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-artifact\3.0.5\maven-artifact-3.0.5.jarMD5: 37818c6f0ef84b6338fdd1520e9831dbSHA1: 7cd9aa7425c4a967bd39c2f6f61ab9535570fcb4SHA256: c6d5e244dd2329971f91b8df666ffe9e0b00a7dd014d6ee073b6f6cb82877f5cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-artifact Low Vendor jar package name artifact Highest Vendor file name maven-artifact High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom name Maven Artifact High Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product jar package name maven Highest Product Manifest specification-title Maven Artifact Medium Product Manifest Implementation-Title Maven Artifact High Product jar package name artifact Highest Product pom name Maven Artifact High Product file name maven-artifact High Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product pom artifactid maven-artifact Highest Version pom version 3.0.5 Highest Version file version 3.0.5 High Version Manifest Implementation-Version 3.0.5 High
maven-artifact-manager-2.2.1.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-artifact-manager\2.2.1\maven-artifact-manager-2.2.1.jarMD5: f3e76a8a83f422a900886543c48914f7SHA1: ec355b913c34d37080810f98e3f51abecbe1572bSHA256: d1e247c4ed3952385fd704ac9db2a222247cfe7d20508b4f3c76b90f857952edReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name artifact Highest Vendor pom name Maven Artifact Manager High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor file name maven-artifact-manager High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Vendor jar package name manager Highest Vendor pom artifactid maven-artifact-manager Low Product pom parent-artifactid maven Medium Product Manifest specification-title Maven Artifact Manager Medium Product Manifest Implementation-Title Maven Artifact Manager High Product jar package name artifact Highest Product pom name Maven Artifact Manager High Product pom groupid apache.maven Highest Product pom artifactid maven-artifact-manager Highest Product jar package name apache Highest Product file name maven-artifact-manager High Product jar package name maven Highest Product pom parent-groupid org.apache.maven Medium Product jar package name manager Highest Version Manifest Implementation-Version 2.2.1 High Version pom version 2.2.1 Highest Version file version 2.2.1 High
maven-artifact-transfer-0.11.0.jarDescription:
An API to install, deploy and resolving artifacts with Maven 3 File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-artifact-transfer\0.11.0\maven-artifact-transfer-0.11.0.jarMD5: 74a96639582fc46f70d4fd040b48a0ffSHA1: bec7dd9a97178bc2637c1c45830b3b09eff64274SHA256: 1f474df0b9dd55e5bb755a131ec64b307c557293328711adb579d21c010dffdeReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.shared Highest Vendor file name maven-artifact-transfer High Vendor pom parent-groupid org.apache.maven.shared Medium Vendor pom artifactid maven-artifact-transfer Low Vendor jar package name artifact Highest Vendor jar package name transfer Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest implementation-url https://maven.apache.org/shared/maven-artifact-transfer/ Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom parent-artifactid maven-shared-components Low Vendor pom name Apache Maven Artifact Transfer High Product pom artifactid maven-artifact-transfer Highest Product pom parent-artifactid maven-shared-components Medium Product file name maven-artifact-transfer High Product pom parent-groupid org.apache.maven.shared Medium Product jar package name artifact Highest Product jar package name transfer Highest Product jar package name apache Highest Product Manifest Implementation-Title Apache Maven Artifact Transfer High Product Manifest implementation-url https://maven.apache.org/shared/maven-artifact-transfer/ Low Product Manifest specification-title Apache Maven Artifact Transfer Medium Product jar package name maven Highest Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Product pom name Apache Maven Artifact Transfer High Version file version 0.11.0 High Version Manifest Implementation-Version 0.11.0 High Version pom version 0.11.0 Highest Version pom parent-version 0.11.0 Low
maven-assembly-plugin-3.3.0.jarDescription:
A Maven plugin to create archives of your project's sources, classes, dependencies etc. from flexible assembly descriptors. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-assembly-plugin\3.3.0\maven-assembly-plugin-3.3.0.jarMD5: 293b255c88e27e9c27df4302f6570647SHA1: 2c8c023bea52b921dad927f448b2cd9364e8dd30SHA256: 2d51509b2a8c53a524ba2d97609a8b7be00751f22df1ff3019c174c8ed127536Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Apache Maven Assembly Plugin High Vendor file name maven-assembly-plugin High Vendor pom artifactid maven-assembly-plugin Low Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor jar package name assembly Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Product pom name Apache Maven Assembly Plugin High Product pom artifactid maven-assembly-plugin Highest Product file name maven-assembly-plugin High Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product jar package name assembly Highest Product Manifest specification-title Apache Maven Assembly Plugin Medium Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product Manifest Implementation-Title Apache Maven Assembly Plugin High Version pom parent-version 3.3.0 Low Version pom version 3.3.0 Highest Version file version 3.3.0 High Version Manifest Implementation-Version 3.3.0 High
maven-changelog-plugin-2.3.jarDescription:
Produce SCM changelog reports. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-changelog-plugin\2.3\maven-changelog-plugin-2.3.jarMD5: ca7bca18bb56a20acd842360b5e858f1SHA1: 50d90237471f05727d1bc72868cf9eb2af125c9aSHA256: c81433aaaf7e9e07cf3cef3e0b33f07ed8ba27e6bca7a01b33a7474bf27bdcb2Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-changelog-plugin Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor jar package name changelog Highest Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name plugin Highest Vendor pom name Apache Maven Changelog Plugin High Vendor file name maven-changelog-plugin High Product pom artifactid maven-changelog-plugin Highest Product Manifest specification-title Apache Maven Changelog Plugin Medium Product Manifest Implementation-Title Apache Maven Changelog Plugin High Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product jar package name changelog Highest Product pom parent-groupid org.apache.maven.plugins Medium Product jar package name plugin Highest Product pom name Apache Maven Changelog Plugin High Product file name maven-changelog-plugin High Version pom parent-version 2.3 Low Version Manifest Implementation-Version 2.3 High Version pom version 2.3 Highest Version file version 2.3 High
maven-checkstyle-plugin-3.1.1.jarDescription:
Generates a report on violations of code style and optionally fails the build if violations are detected. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-checkstyle-plugin\3.1.1\maven-checkstyle-plugin-3.1.1.jarMD5: c8cdf23c31573ce7caf1189e8bd62422SHA1: 0949b6d31b980570397aa42d794bfd821e5491f1SHA256: 700dffabf678e1869ab4463b5f1167ba33ed43b4defb328ea572ab8822b8e1afReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-checkstyle-plugin High Vendor pom parent-artifactid maven-plugins Low Vendor pom name Apache Maven Checkstyle Plugin High Vendor jar package name apache Highest Vendor jar package name checkstyle Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor pom artifactid maven-checkstyle-plugin Low Product Manifest Implementation-Title Apache Maven Checkstyle Plugin High Product Manifest specification-title Apache Maven Checkstyle Plugin Medium Product file name maven-checkstyle-plugin High Product pom artifactid maven-checkstyle-plugin Highest Product pom parent-artifactid maven-plugins Medium Product pom name Apache Maven Checkstyle Plugin High Product jar package name apache Highest Product jar package name checkstyle Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Version pom version 3.1.1 Highest Version Manifest Implementation-Version 3.1.1 High Version pom parent-version 3.1.1 Low Version file version 3.1.1 High
Published Vulnerabilities CVE-2019-10782 suppress
All versions of com.puppycrawl.tools:checkstyle before 8.29 are vulnerable to XML External Entity (XXE) Injection due to an incomplete fix for CVE-2019-9658. CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions:
CVE-2019-9658 suppress
Checkstyle before 8.18 loads external DTDs by default. CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.3) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N References:
Vulnerable Software & Versions:
maven-clean-plugin-3.1.0.jarDescription:
The Maven Clean Plugin is a plugin that removes files generated at build-time in a project's directory.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-clean-plugin\3.1.0\maven-clean-plugin-3.1.0.jarMD5: 3e45e97b4cf6a084a5bff41b0433d1edSHA1: 2e030994e207ee572491927b198b139424133b2eSHA256: 95a568b529d34949c13e9011d249c602f6c3ab0f295e5e826ef35b6a60656930Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-clean-plugin High Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor jar package name clean Highest Vendor pom name Apache Maven Clean Plugin High Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor Manifest implementation-url https://maven.apache.org/plugins/maven-clean-plugin/ Low Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom artifactid maven-clean-plugin Low Vendor pom groupid org.apache.maven.plugins Highest Product pom artifactid maven-clean-plugin Highest Product Manifest specification-title Apache Maven Clean Plugin Medium Product Manifest Implementation-Title Apache Maven Clean Plugin High Product file name maven-clean-plugin High Product jar package name clean Highest Product pom name Apache Maven Clean Plugin High Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest implementation-url https://maven.apache.org/plugins/maven-clean-plugin/ Low Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Version file version 3.1.0 High Version pom parent-version 3.1.0 Low Version Manifest Implementation-Version 3.1.0 High Version pom version 3.1.0 Highest
maven-common-artifact-filters-3.1.0.jarDescription:
A collection of ready-made filters to control inclusion/exclusion of artifacts during dependency resolution. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-common-artifact-filters\3.1.0\maven-common-artifact-filters-3.1.0.jarMD5: fcd2e81ecc9836ba892333a299a9cd2eSHA1: 7d1eda9af6db77618766f31cb1971baed2ca3fa3SHA256: 82a584c58bd6a1b13861e2d4cc194b5afc09ca0adad9fda741f16337dcda2e96Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor jar package name artifact Highest Vendor jar package name apache Highest Vendor pom name Apache Maven Common Artifact Filters High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor file name maven-common-artifact-filters High Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom artifactid maven-common-artifact-filters Low Vendor pom parent-artifactid maven-shared-components Low Vendor Manifest implementation-url https://maven.apache.org/shared/maven-common-artifact-filters/ Low Product Manifest Implementation-Title Apache Maven Common Artifact Filters High Product Manifest specification-title Apache Maven Common Artifact Filters Medium Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product pom artifactid maven-common-artifact-filters Highest Product jar package name artifact Highest Product jar package name apache Highest Product pom name Apache Maven Common Artifact Filters High Product jar package name maven Highest Product file name maven-common-artifact-filters High Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Product Manifest implementation-url https://maven.apache.org/shared/maven-common-artifact-filters/ Low Version file version 3.1.0 High Version pom parent-version 3.1.0 Low Version Manifest Implementation-Version 3.1.0 High Version pom version 3.1.0 Highest
maven-compat-3.2.5.jarDescription:
Maven2 classes maintained as compatibility layer. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-compat\3.2.5\maven-compat-3.2.5.jarMD5: 51f223e0f20d92fb0e787ff35bfd0617SHA1: abba4fe27dccc584be796154726c525cb4dbe882SHA256: d20015d3aa9598f75ce0012ce1fff771cc2565aa12527a40617a3d0fae54b526Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven Compat High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor file name maven-compat High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom artifactid maven-compat Low Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product pom name Maven Compat High Product Manifest Implementation-Title Maven Compat High Product Manifest specification-title Maven Compat Medium Product file name maven-compat High Product pom artifactid maven-compat Highest Product jar package name maven Highest Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Version pom version 3.2.5 Highest Version Manifest Implementation-Version 3.2.5 High Version file version 3.2.5 High
maven-compiler-plugin-3.8.1.jarDescription:
The Compiler Plugin is used to compile the sources of your project. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-compiler-plugin\3.8.1\maven-compiler-plugin-3.8.1.jarMD5: 2302ca0a4165759af72c45199f154a49SHA1: be834db00dbace3d7fd08a6e0e96ab5e4af45f99SHA256: d14731947840eec6facef2c8f3ca050ae6dd2ff4d071700e1e62ccfd510856bdReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name compiler Highest Vendor pom name Apache Maven Compiler Plugin High Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor file name maven-compiler-plugin High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name plugin Highest Vendor Manifest implementation-url https://maven.apache.org/plugins/maven-compiler-plugin/ Low Vendor pom artifactid maven-compiler-plugin Low Product jar package name compiler Highest Product pom name Apache Maven Compiler Plugin High Product pom artifactid maven-compiler-plugin Highest Product pom parent-artifactid maven-plugins Medium Product Manifest Implementation-Title Apache Maven Compiler Plugin High Product Manifest specification-title Apache Maven Compiler Plugin Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product file name maven-compiler-plugin High Product jar package name maven Highest Product pom parent-groupid org.apache.maven.plugins Medium Product jar package name plugin Highest Product Manifest implementation-url https://maven.apache.org/plugins/maven-compiler-plugin/ Low Version pom parent-version 3.8.1 Low Version Manifest Implementation-Version 3.8.1 High Version file version 3.8.1 High Version pom version 3.8.1 Highest
maven-core-3.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-core\3.0\maven-core-3.0.jarMD5: 9bd377874764a4fad7209021abfe7cf7SHA1: 73728ce32c9016c8bd05584301fa3ba3a6f5d20aSHA256: ba03294ee53e7ba31838e4950f280d033c7744c6c7b31253afc75aa351fbd989Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven Core High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom artifactid maven-core Low Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Vendor file name maven-core High Product jar package name apache Highest Product pom parent-artifactid maven Medium Product pom artifactid maven-core Highest Product Manifest specification-title Maven Core Medium Product jar package name maven Highest Product pom name Maven Core High Product Manifest Implementation-Title Maven Core High Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product file name maven-core High Version file version 3.0 High Version pom version 3.0 Highest Version Manifest Implementation-Version 3.0 High
maven-dependency-analyzer-1.11.1.jarDescription:
Analyzes the dependencies of a project for undeclared or unused artifacts.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-dependency-analyzer\1.11.1\maven-dependency-analyzer-1.11.1.jarMD5: b16831be23084f3ae9e9379e41e21fe5SHA1: 7ac054950bc130d8b27ad72d2af819cd30f592c2SHA256: 4c297c01694d9b4d333f98abff2682823d75a3a2ea235668e7c33e1aaeb9da10Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Apache Maven Dependency Analyzer High Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor jar package name apache Highest Vendor pom artifactid maven-dependency-analyzer Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor file name maven-dependency-analyzer High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor Manifest implementation-url https://maven.apache.org/shared/maven-dependency-analyzer/ Low Vendor jar package name dependency Highest Vendor pom parent-artifactid maven-shared-components Low Product pom name Apache Maven Dependency Analyzer High Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product jar package name apache Highest Product file name maven-dependency-analyzer High Product jar package name maven Highest Product pom artifactid maven-dependency-analyzer Highest Product pom groupid apache.maven.shared Highest Product Manifest implementation-url https://maven.apache.org/shared/maven-dependency-analyzer/ Low Product jar package name shared Highest Product jar package name dependency Highest Product Manifest Implementation-Title Apache Maven Dependency Analyzer High Product Manifest specification-title Apache Maven Dependency Analyzer Medium Version Manifest Implementation-Version 1.11.1 High Version pom version 1.11.1 Highest Version file version 1.11.1 High Version pom parent-version 1.11.1 Low
maven-dependency-plugin-3.1.2.jarDescription:
Provides utility goals to work with dependencies like copying, unpacking, analyzing, resolving and many more. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-dependency-plugin\3.1.2\maven-dependency-plugin-3.1.2.jarMD5: 2e1a0bc3dc2e4288b1a0f92d0f0f3310SHA1: d302dfb35606fc9616cab602fc062dc95d03cb30SHA256: d42ff91e4cf62d98611ce38472eed3d2c62604ef07d9a7c770df95d8b4e79e37Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-dependency-plugin High Vendor pom artifactid maven-dependency-plugin Low Vendor pom name Apache Maven Dependency Plugin High Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name dependency Highest Product file name maven-dependency-plugin High Product pom name Apache Maven Dependency Plugin High Product pom artifactid maven-dependency-plugin Highest Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product Manifest Implementation-Title Apache Maven Dependency Plugin High Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product Manifest specification-title Apache Maven Dependency Plugin Medium Product jar package name dependency Highest Version pom version 3.1.2 Highest Version Manifest Implementation-Version 3.1.2 High Version pom parent-version 3.1.2 Low Version file version 3.1.2 High
maven-dependency-tree-3.0.1.jarDescription:
A tree-based API for resolution of Maven project dependencies File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-dependency-tree\3.0.1\maven-dependency-tree-3.0.1.jarMD5: 5c94d3d8b896f0e9f29295fd46cffaa0SHA1: e9ae9966f1d3a238004c8b15ca4fd0e03d405424SHA256: c7d0968a60678fcabd3f6e7ef32812c77f14bb964e66f4ae2b907d4efd675067Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-dependency-tree Low Vendor file name maven-dependency-tree High Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor Manifest implementation-url https://maven.apache.org/shared/maven-dependency-tree/ Low Vendor pom name Apache Maven Dependency Tree High Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor jar package name dependency Highest Vendor pom parent-artifactid maven-shared-components Low Product file name maven-dependency-tree High Product Manifest Implementation-Title Apache Maven Dependency Tree High Product Manifest specification-title Apache Maven Dependency Tree Medium Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product jar package name apache Highest Product jar package name maven Highest Product Manifest implementation-url https://maven.apache.org/shared/maven-dependency-tree/ Low Product pom name Apache Maven Dependency Tree High Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Product jar package name dependency Highest Product pom artifactid maven-dependency-tree Highest Version pom version 3.0.1 Highest Version file version 3.0.1 High Version Manifest Implementation-Version 3.0.1 High Version pom parent-version 3.0.1 Low
maven-deploy-plugin-3.0.0-M1.jarDescription:
Uploads the project artifacts to the internal remote repository. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-deploy-plugin\3.0.0-M1\maven-deploy-plugin-3.0.0-M1.jarMD5: 38e0ad7d9ed75a9995d7feced224006eSHA1: 03f0e4ad61782e0d68306422d62cf052b58be174SHA256: 85cd6da97d5eca5deeb8a92095125bfb9e0ad108951d65c482c660455c0c08caReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-deploy-plugin Low Vendor file name maven-deploy-plugin High Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor Manifest implementation-url https://maven.apache.org/plugins/maven-deploy-plugin/ Low Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor pom name Apache Maven Deploy Plugin High Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name deploy Highest Product Manifest Implementation-Title Apache Maven Deploy Plugin High Product Manifest specification-title Apache Maven Deploy Plugin Medium Product file name maven-deploy-plugin High Product Manifest implementation-url https://maven.apache.org/plugins/maven-deploy-plugin/ Low Product pom artifactid maven-deploy-plugin Highest Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product pom name Apache Maven Deploy Plugin High Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product jar package name deploy Highest Version pom version 3.0.0-M1 Highest Version Manifest Implementation-Version 3.0.0-M1 High Version pom parent-version 3.0.0-M1 Low
maven-enforcer-plugin-3.0.0-M3.jarDescription:
The Loving Iron Fist of Maven File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-enforcer-plugin\3.0.0-M3\maven-enforcer-plugin-3.0.0-M3.jarMD5: e9b80fe506e18d6be4c1e35f6c5b9cb1SHA1: c45ecb8536cb08cf2c5e0852465623e846ade760SHA256: b7220ba197a6ae585b8cce5f99efc7d12ba4b1e1ee79c571da836ec3344d691aReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.maven.enforcer Medium Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor pom artifactid maven-enforcer-plugin Low Vendor pom name Apache Maven Enforcer Plugin High Vendor file name maven-enforcer-plugin High Vendor jar package name apache Highest Vendor pom parent-artifactid enforcer Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor jar package name enforcer Highest Vendor jar package name plugins Highest Vendor pom groupid org.apache.maven.plugins Highest Vendor Manifest implementation-url https://maven.apache.org/enforcer/maven-enforcer-plugin/ Low Product pom parent-artifactid enforcer Medium Product pom parent-groupid org.apache.maven.enforcer Medium Product pom name Apache Maven Enforcer Plugin High Product file name maven-enforcer-plugin High Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product pom artifactid maven-enforcer-plugin Highest Product jar package name enforcer Highest Product Manifest Implementation-Title Apache Maven Enforcer Plugin High Product Manifest specification-title Apache Maven Enforcer Plugin Medium Product jar package name plugins Highest Product Manifest implementation-url https://maven.apache.org/enforcer/maven-enforcer-plugin/ Low Version Manifest Implementation-Version 3.0.0-M3 High Version pom version 3.0.0-M3 Highest
maven-filtering-3.1.1.jarDescription:
A component to assist in filtering of resource files with properties from a Maven project. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-filtering\3.1.1\maven-filtering-3.1.1.jarMD5: 2007efd99d1dfd4492ffa9340eb6b04aSHA1: 52f2401b6e1a8cc40185da68e5c514f01f7a7a68SHA256: c18508178f300201c4cb5fd771ebb0449ad596da18ba2881037d4f74f202505fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name filtering Highest Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor Manifest implementation-url https://maven.apache.org/shared/maven-filtering/ Low Vendor jar package name apache Highest Vendor pom name Apache Maven Filtering High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom groupid apache.maven.shared Highest Vendor pom artifactid maven-filtering Low Vendor jar package name shared Highest Vendor pom parent-artifactid maven-shared-components Low Vendor file name maven-filtering High Product Manifest Implementation-Title Apache Maven Filtering High Product Manifest specification-title Apache Maven Filtering Medium Product jar package name filtering Highest Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product Manifest implementation-url https://maven.apache.org/shared/maven-filtering/ Low Product jar package name apache Highest Product pom name Apache Maven Filtering High Product pom artifactid maven-filtering Highest Product jar package name maven Highest Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Product file name maven-filtering High Version pom version 3.1.1 Highest Version Manifest Implementation-Version 3.1.1 High Version pom parent-version 3.1.1 Low Version file version 3.1.1 High
maven-gpg-plugin-1.6.jarDescription:
Signs the project artifacts with GnuPG. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-gpg-plugin\1.6\maven-gpg-plugin-1.6.jarMD5: e2cd7843f0714f8eebff181011817e0dSHA1: 4ec125296d79f591e412ccc8ebdfcc3a91e2cdd7SHA256: ee2c83996d7d714fd1bcef3ff7d02f7217e06b5c04d283227bf0116839b6572bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-gpg-plugin Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor file name maven-gpg-plugin High Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name plugin Highest Vendor pom name Apache Maven GPG Plugin High Vendor jar package name gpg Highest Product Manifest Implementation-Title Apache Maven GPG Plugin High Product pom artifactid maven-gpg-plugin Highest Product Manifest specification-title Apache Maven GPG Plugin Medium Product file name maven-gpg-plugin High Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product pom parent-groupid org.apache.maven.plugins Medium Product jar package name plugin Highest Product pom name Apache Maven GPG Plugin High Product jar package name gpg Highest Version pom version 1.6 Highest Version pom parent-version 1.6 Low Version file version 1.6 High Version Manifest Implementation-Version 1.6 High
maven-install-plugin-3.0.0-M1.jarDescription:
Copies the project artifacts to the user's local repository. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-install-plugin\3.0.0-M1\maven-install-plugin-3.0.0-M1.jarMD5: 703dfd0c62f1b850cc8c66e579450f82SHA1: c21aa5f091c9e5f7d0c064b92f67c1b72444d04cSHA256: 98ccb028f1bd9cd199b0c62b5d14b5cf599c3eedaf4df16c447dbcbe10d22f0cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name install Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor pom parent-artifactid maven-plugins Low Vendor pom artifactid maven-install-plugin Low Vendor jar package name apache Highest Vendor pom name Apache Maven Install Plugin High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor file name maven-install-plugin High Vendor Manifest implementation-url https://maven.apache.org/plugins/maven-install-plugin/ Low Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Product Manifest Implementation-Title Apache Maven Install Plugin High Product Manifest specification-title Apache Maven Install Plugin Medium Product jar package name install Highest Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product pom name Apache Maven Install Plugin High Product file name maven-install-plugin High Product Manifest implementation-url https://maven.apache.org/plugins/maven-install-plugin/ Low Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product pom artifactid maven-install-plugin Highest Version pom version 3.0.0-M1 Highest Version Manifest Implementation-Version 3.0.0-M1 High Version pom parent-version 3.0.0-M1 Low
maven-invoker-3.0.0.jarDescription:
A component to programmatically invoke Maven. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-invoker\3.0.0\maven-invoker-3.0.0.jarMD5: 9d9136c12ed1e9c699f9ee1839180627SHA1: 54839b41d4bbe49401ff162b68276dd69e194a10SHA256: dc7a719460abbd81e4fc69168c12c0ca91eb10bc97628c5a813c3beb7b57cafcReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name invoker Highest Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor Manifest implementation-url https://maven.apache.org/shared/maven-invoker/ Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom artifactid maven-invoker Low Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom parent-artifactid maven-shared-components Low Vendor file name maven-invoker High Vendor pom name Apache Maven Invoker High Product jar package name invoker Highest Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product Manifest implementation-url https://maven.apache.org/shared/maven-invoker/ Low Product Manifest Implementation-Title Apache Maven Invoker High Product jar package name apache Highest Product pom artifactid maven-invoker Highest Product Manifest specification-title Apache Maven Invoker Medium Product jar package name maven Highest Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Product file name maven-invoker High Product pom name Apache Maven Invoker High Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High Version pom parent-version 3.0.0 Low
maven-jar-plugin-3.2.0.jarDescription:
Builds a Java Archive (JAR) file from the compiled project classes and resources. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-jar-plugin\3.2.0\maven-jar-plugin-3.2.0.jarMD5: ddbfb6150548d562edc08094fc40e4d2SHA1: 3d0c701677e8be0065ab7cbef023d04793a3a1feSHA256: 200dbc568096e82c6925ab425f748370e33a4c5bea40a2e64a58e4ab7d5eb9cbReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-jar-plugin Low Vendor file name maven-jar-plugin High Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor jar package name jar Highest Vendor jar package name plugins Highest Vendor Manifest implementation-url https://maven.apache.org/plugins/maven-jar-plugin/ Low Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor pom name Apache Maven JAR Plugin High Product file name maven-jar-plugin High Product pom parent-artifactid maven-plugins Medium Product pom artifactid maven-jar-plugin Highest Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest Implementation-Title Apache Maven JAR Plugin High Product jar package name jar Highest Product Manifest specification-title Apache Maven JAR Plugin Medium Product Manifest implementation-url https://maven.apache.org/plugins/maven-jar-plugin/ Low Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product pom name Apache Maven JAR Plugin High Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest Version pom parent-version 3.2.0 Low Version file version 3.2.0 High
maven-javadoc-plugin-3.2.0.jarDescription:
The Apache Maven Javadoc Plugin is a plugin that uses the javadoc tool for
generating javadocs for the specified project.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-javadoc-plugin\3.2.0\maven-javadoc-plugin-3.2.0.jarMD5: d99b12ba67383532d831cee09bf41a92SHA1: f65507461614485b907c3c71a2730cfe65041c46SHA256: e2879c0d8ccee6221ca9b9d2d7c38b25d15fda56228bacf839e8d8cf9702ce81Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-javadoc-plugin High Vendor jar package name javadoc Highest Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom name Apache Maven Javadoc Plugin High Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor pom artifactid maven-javadoc-plugin Low Product pom artifactid maven-javadoc-plugin Highest Product file name maven-javadoc-plugin High Product jar package name javadoc Highest Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product Manifest Implementation-Title Apache Maven Javadoc Plugin High Product Manifest specification-title Apache Maven Javadoc Plugin Medium Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product pom name Apache Maven Javadoc Plugin High Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest Version pom parent-version 3.2.0 Low Version file version 3.2.0 High
maven-jxr-3.0.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-jxr\3.0.0\maven-jxr-3.0.0.jarMD5: a476250ca14e427a8d966bb77e7f817aSHA1: aa5632846150e137dd214c790c91eef150764dc9SHA256: f769d792cbe78fae9a12657e98f82fc1d60ef251c3d9a181a9d1b98b025714a3Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid jxr Low Vendor Manifest implementation-url https://maven.apache.org/jxr/maven-jxr/ Low Vendor jar package name jxr Highest Vendor pom name Maven JXR High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor pom parent-groupid org.apache.maven.jxr Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor file name maven-jxr High Vendor pom artifactid maven-jxr Low Vendor pom groupid org.apache.maven Highest Product jar package name jxr Highest Product Manifest implementation-url https://maven.apache.org/jxr/maven-jxr/ Low Product pom name Maven JXR High Product pom groupid apache.maven Highest Product Manifest Implementation-Title Maven JXR High Product pom parent-groupid org.apache.maven.jxr Medium Product Manifest specification-title Maven JXR Medium Product jar package name apache Highest Product pom artifactid maven-jxr Highest Product jar package name maven Highest Product file name maven-jxr High Product pom parent-artifactid jxr Medium Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High
maven-jxr-plugin-3.0.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-jxr-plugin\3.0.0\maven-jxr-plugin-3.0.0.jarMD5: 62f52d8b5aeefbb629de31d3e8f0346aSHA1: a79f1d4367328f59d8ce80a8b347f6c050c54f32SHA256: c7cebcb2986e7db0ef210c6e61224fd7b2a4990c0a25b8e43b5aab47c58b8c99Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid jxr Low Vendor jar package name jxr Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor pom artifactid maven-jxr-plugin Low Vendor pom name Maven JXR Plugin High Vendor file name maven-jxr-plugin High Vendor Manifest implementation-url https://maven.apache.org/jxr/maven-jxr-plugin/ Low Vendor pom parent-groupid org.apache.maven.jxr Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name plugin Highest Product Manifest Implementation-Title Maven JXR Plugin High Product jar package name jxr Highest Product Manifest specification-title Maven JXR Plugin Medium Product pom name Maven JXR Plugin High Product file name maven-jxr-plugin High Product Manifest implementation-url https://maven.apache.org/jxr/maven-jxr-plugin/ Low Product pom parent-groupid org.apache.maven.jxr Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product pom artifactid maven-jxr-plugin Highest Product jar package name plugin Highest Product pom parent-artifactid jxr Medium Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High
maven-mapping-3.0.0.jarDescription:
A shared component to assist in interpolating file names using properties from a Maven project. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-mapping\3.0.0\maven-mapping-3.0.0.jarMD5: f156b9f061b691b73324e855ae8a950aSHA1: f482f00127482a4efea14212445a5a1cc4d83766SHA256: 6e3ffcf4a4c3ddf82c61f169e8f75f6ffccff086f4f3c7a3065ebc548c85b97dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor file name maven-mapping High Vendor pom name Apache Maven Mapping High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom artifactid maven-mapping Low Vendor jar package name mapping Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom parent-artifactid maven-shared-components Low Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product pom artifactid maven-mapping Highest Product file name maven-mapping High Product pom name Apache Maven Mapping High Product jar package name apache Highest Product Manifest Implementation-Title Apache Maven Mapping High Product jar package name maven Highest Product jar package name mapping Highest Product Manifest specification-title Apache Maven Mapping Medium Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High Version pom parent-version 3.0.0 Low
maven-model-3.0.jarDescription:
Maven Model File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-model\3.0\maven-model-3.0.jarMD5: 562636665b6ac87297513246c5bdccd2SHA1: 24ce598c94a78341c42556fe9192dad6a2822405SHA256: 27e426d73f8662b47f60df0e43439b3dec2909c42b89175a6e4431dfed3edafdReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-model High Vendor pom artifactid maven-model Low Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor jar package name model Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Model High Product jar package name model Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product file name maven-model High Product Manifest specification-title Maven Model Medium Product jar package name maven Highest Product Manifest Implementation-Title Maven Model High Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product pom artifactid maven-model Highest Product pom name Maven Model High Version file version 3.0 High Version pom version 3.0 Highest Version Manifest Implementation-Version 3.0 High
maven-model-builder-3.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-model-builder\3.0\maven-model-builder-3.0.jarMD5: b995b6ca151d6d74f5a64047807e6318SHA1: bedc161a3b07a4bcd175b9428cdf18725d292b37SHA256: 1c98a4ec9eb0cb86ecf01710aa75c0346ee3f96edc6edeabcb21ed984120e154Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven Model Builder High Vendor pom artifactid maven-model-builder Low Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor jar package name model Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor file name maven-model-builder High Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product jar package name model Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product jar package name maven Highest Product pom name Maven Model Builder High Product file name maven-model-builder High Product pom parent-groupid org.apache.maven Medium Product Manifest Implementation-Title Maven Model Builder High Product pom groupid apache.maven Highest Product pom artifactid maven-model-builder Highest Product Manifest specification-title Maven Model Builder Medium Version file version 3.0 High Version pom version 3.0 Highest Version Manifest Implementation-Version 3.0 High
maven-plugin-api-3.1.0.jarDescription:
The API for plugins - Mojos - development. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-plugin-api\3.1.0\maven-plugin-api-3.1.0.jarMD5: 3a2af8945d7b2ae38ca33a97f60a9611SHA1: 8821fd1b81c6b960f7ce39f5dde612c665146fd8SHA256: c6e743680d5ca55a39652f14777181fadf98b6cfef870c3985996f2a5cd0bf6dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-plugin-api High Vendor pom artifactid maven-plugin-api Low Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Maven Plugin API High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor jar package name plugin Highest Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product file name maven-plugin-api High Product pom name Maven Plugin API High Product jar package name maven Highest Product Manifest Implementation-Title Maven Plugin API High Product Manifest specification-title Maven Plugin API Medium Product jar package name plugin Highest Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product pom artifactid maven-plugin-api Highest Version file version 3.1.0 High Version Manifest Implementation-Version 3.1.0 High Version pom version 3.1.0 Highest
maven-pmd-plugin-3.14.0.jarDescription:
A Maven plugin for the PMD toolkit, that produces a report on both code rule violations and detected copy and paste
fragments,
as well as being able to fail the build based on these metrics.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-pmd-plugin\3.14.0\maven-pmd-plugin-3.14.0.jarMD5: 34604e6b3bf1313382602a6f2d837521SHA1: 25bf1a6099a052bd7b39dc93920bf31e654ed09eSHA256: ba942af6dba1e1d696e981d2cc6c6f7d016ec623d9564b587ce9fdd028835128Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest build-jdk-spec 1.7 Low Vendor jar package name pmd Highest Vendor pom artifactid maven-pmd-plugin Low Vendor pom parent-artifactid maven-plugins Low Vendor pom name Apache Maven PMD Plugin High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor file name maven-pmd-plugin High Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Product Manifest Implementation-Title Apache Maven PMD Plugin High Product Manifest build-jdk-spec 1.7 Low Product Manifest specification-title Apache Maven PMD Plugin Medium Product jar package name pmd Highest Product pom parent-artifactid maven-plugins Medium Product pom name Apache Maven PMD Plugin High Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product file name maven-pmd-plugin High Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product pom artifactid maven-pmd-plugin Highest Version pom parent-version 3.14.0 Low Version file version 3.14.0 High Version Manifest Implementation-Version 3.14.0 High Version pom version 3.14.0 Highest
Published Vulnerabilities CVE-2019-7722 suppress
PMD 5.8.1 and earlier processes XML external entities in ruleset files it parses as part of the analysis process, allowing attackers tampering it (either by direct modification or MITM attacks when using remote rulesets) to perform information disclosure, denial of service, or request forgery attacks. (PMD 6.x is unaffected because of a 2017-09-15 change.) CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
maven-project-3.0-alpha-2.jarDescription:
This library is used to not only read Maven project object model files, but to assemble inheritence
and to retrieve remote models as required. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-project\3.0-alpha-2\maven-project-3.0-alpha-2.jarMD5: 2e5d64b450ea6cb9eb67e8e0f567c449SHA1: fd7d64f9e8ec392132c716f07d35416051a7d09aSHA256: 0b76d82011452170dddd21fb33da6bfc414ff6629fce6219fbf1d78ce1518e90Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid apache.maven Highest Vendor pom artifactid maven-project Low Vendor jar package name project Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor pom name Maven Project High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor file name maven-project High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product pom name Maven Project High Product file name maven-project High Product jar package name maven Highest Product pom artifactid maven-project Highest Product Manifest specification-title Maven Project Medium Product Manifest Implementation-Title Maven Project High Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product jar package name project Highest Version pom version 3.0-alpha-2 Highest Version Manifest Implementation-Version 3.0-alpha-2 High
maven-project-builder-3.0-alpha-2.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-project-builder\3.0-alpha-2\maven-project-builder-3.0-alpha-2.jarMD5: 3f962398b452901b94a040c5cac772f6SHA1: c0549120b6220b1c4af5a2859bc8196e1c8b6cc0SHA256: f3905cb8c223c33f6121bc937b66a2f58653be766042fb6e924b9882c555d891Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name builder Highest Vendor pom groupid apache.maven Highest Vendor jar package name project Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor pom artifactid maven-project-builder Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom name Maven Project Builder High Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor file name maven-project-builder High Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product Manifest specification-title Maven Project Builder Medium Product jar package name builder Highest Product Manifest Implementation-Title Maven Project Builder High Product pom parent-artifactid maven Medium Product pom groupid apache.maven Highest Product jar package name project Highest Product jar package name apache Highest Product pom name Maven Project Builder High Product jar package name maven Highest Product pom artifactid maven-project-builder Highest Product file name maven-project-builder High Product pom parent-groupid org.apache.maven Medium Version pom version 3.0-alpha-2 Highest Version Manifest Implementation-Version 3.0-alpha-2 High
maven-project-info-reports-plugin-3.1.1.jarDescription:
The Maven Project Info Reports Plugin is a plugin that generates standard reports
for the specified project.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-project-info-reports-plugin\3.1.1\maven-project-info-reports-plugin-3.1.1.jarMD5: 01b0fe6cd5cc607b4e0b5c5b80cc944eSHA1: 11813ce78b948b0ceb9af3f80fcedd80b6f29e7aSHA256: e92452130fa9696c92657422f1d863c83928ce535d7bd81ef2ee4f5531dcd12bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Apache Maven Project Info Reports Plugin High Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor pom artifactid maven-project-info-reports-plugin Low Vendor file name maven-project-info-reports-plugin High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Product jar package name apache Highest Product file name maven-project-info-reports-plugin High Product pom artifactid maven-project-info-reports-plugin Highest Product pom name Apache Maven Project Info Reports Plugin High Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product Manifest Implementation-Title Apache Maven Project Info Reports Plugin High Product pom parent-groupid org.apache.maven.plugins Medium Product Manifest specification-title Apache Maven Project Info Reports Plugin Medium Product pom parent-artifactid maven-plugins Medium Version pom version 3.1.1 Highest Version Manifest Implementation-Version 3.1.1 High Version pom parent-version 3.1.1 Low Version file version 3.1.1 High
maven-release-api-2.5.3.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\release\maven-release-api\2.5.3\maven-release-api-2.5.3.jarMD5: bec753d91bf8007f031955a8b13f831cSHA1: fe176e9bc32dcc7afadda69facc900f11055135fSHA256: 5bb9803321769f0f7f7550b6624e0777385312e8c45112411ea9287928396a43Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-release-api High Vendor pom groupid apache.maven.release Highest Vendor pom artifactid maven-release-api Low Vendor pom name Maven Release APIs High Vendor pom parent-groupid org.apache.maven.release Medium Vendor pom groupid org.apache.maven.release Highest Vendor jar package name release Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-artifactid maven-release Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.release Medium Product pom artifactid maven-release-api Highest Product jar package name release Highest Product jar package name apache Highest Product pom parent-artifactid maven-release Medium Product file name maven-release-api High Product pom groupid apache.maven.release Highest Product jar package name maven Highest Product Manifest Implementation-Title Maven Release APIs High Product Manifest specification-title Maven Release APIs Medium Product pom name Maven Release APIs High Product pom parent-groupid org.apache.maven.release Medium Version Manifest Implementation-Version 2.5.3 High Version file version 2.5.3 High Version pom version 2.5.3 Highest
maven-release-manager-2.5.3.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\release\maven-release-manager\2.5.3\maven-release-manager-2.5.3.jarMD5: 897f166e46ed9866478c97c123d298a3SHA1: 65485d8c11cee5f06ef70615a7e0a516ee055f1aSHA256: eed63b5e23d29a675a4612620c772db717b50a7c2cbd5c39eb7af86417222acfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid apache.maven.release Highest Vendor file name maven-release-manager High Vendor pom parent-groupid org.apache.maven.release Medium Vendor pom name Maven Release Manager High Vendor pom groupid org.apache.maven.release Highest Vendor pom artifactid maven-release-manager Low Vendor jar package name release Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-artifactid maven-release Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.release Medium Product jar package name release Highest Product jar package name apache Highest Product pom parent-artifactid maven-release Medium Product pom artifactid maven-release-manager Highest Product Manifest Implementation-Title Maven Release Manager High Product pom groupid apache.maven.release Highest Product file name maven-release-manager High Product jar package name maven Highest Product Manifest specification-title Maven Release Manager Medium Product pom parent-groupid org.apache.maven.release Medium Product pom name Maven Release Manager High Version Manifest Implementation-Version 2.5.3 High Version file version 2.5.3 High Version pom version 2.5.3 Highest
maven-release-plugin-2.5.3.jarDescription:
This plugin is used to release a project with Maven, saving a lot of repetitive, manual work. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-release-plugin\2.5.3\maven-release-plugin-2.5.3.jarMD5: e08ce0a8174d5f008fa589d059ea7004SHA1: 4a85ece12021a247251b9a28cf4d88b2ee80a17dSHA256: 2eda2eb7dcbb415eca11891f8ff3a347e9089dfb91deaa6e44732d2e0a260f6bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-release-plugin High Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor pom parent-groupid org.apache.maven.release Medium Vendor jar package name release Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor pom name Maven Release Plugin High Vendor jar package name plugins Highest Vendor pom groupid org.apache.maven.plugins Highest Vendor pom parent-artifactid maven-release Low Vendor pom artifactid maven-release-plugin Low Product pom artifactid maven-release-plugin Highest Product file name maven-release-plugin High Product pom parent-groupid org.apache.maven.release Medium Product Manifest Implementation-Title Maven Release Plugin High Product Manifest specification-title Maven Release Plugin Medium Product jar package name release Highest Product jar package name apache Highest Product pom parent-artifactid maven-release Medium Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product pom name Maven Release Plugin High Product jar package name plugins Highest Version Manifest Implementation-Version 2.5.3 High Version file version 2.5.3 High Version pom version 2.5.3 Highest
maven-reporting-api-3.0.jarDescription:
API to manage report generation. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\reporting\maven-reporting-api\3.0\maven-reporting-api-3.0.jarMD5: 48cd00abc388c5156879b335e869adabSHA1: b2541dd07d08cd5eff9bd4554a2ad6a4198e2dfeSHA256: 498949e5576b022559d1622e534c18e052f94dec883924b67e0a4e8676c07b17Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.maven.shared Medium Vendor file name maven-reporting-api High Vendor pom name Maven Reporting API High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.reporting Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom groupid apache.maven.reporting Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom artifactid maven-reporting-api Low Vendor jar package name maven Highest Vendor pom groupid org.apache.maven.reporting Highest Vendor jar package name reporting Highest Vendor pom parent-artifactid maven-shared-components Low Product Manifest specification-title Maven Reporting API Medium Product jar package name apache Highest Product pom groupid apache.maven.reporting Highest Product pom parent-artifactid maven-shared-components Medium Product pom artifactid maven-reporting-api Highest Product jar package name maven Highest Product Manifest Implementation-Title Maven Reporting API High Product pom parent-groupid org.apache.maven.shared Medium Product file name maven-reporting-api High Product jar package name reporting Highest Product pom name Maven Reporting API High Version file version 3.0 High Version pom version 3.0 Highest Version Manifest Implementation-Version 3.0 High Version pom parent-version 3.0 Low
maven-reporting-exec-1.5.1.jarDescription:
Classes to manage report plugin executions with Maven 3. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\reporting\maven-reporting-exec\1.5.1\maven-reporting-exec-1.5.1.jarMD5: 9def9a2663ee548b53952342a6c2f617SHA1: 7d1d05779302a75d1931b7e706406a4a1b8d7bccSHA256: 7cd1d1227cb6041cda146ee58163c928d50fc388a7f1dcb68cd84377a2ec7567Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest build-jdk-spec 1.7 Low Vendor jar package name exec Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor pom name Apache Maven Reporting Executor High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom groupid apache.maven.reporting Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor file name maven-reporting-exec High Vendor jar package name maven Highest Vendor pom groupid org.apache.maven.reporting Highest Vendor pom artifactid maven-reporting-exec Low Vendor jar package name reporting Highest Vendor pom parent-artifactid maven-shared-components Low Product Manifest build-jdk-spec 1.7 Low Product jar package name exec Highest Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product pom name Apache Maven Reporting Executor High Product pom artifactid maven-reporting-exec Highest Product jar package name apache Highest Product pom groupid apache.maven.reporting Highest Product Manifest Implementation-Title Apache Maven Reporting Executor High Product Manifest specification-title Apache Maven Reporting Executor Medium Product file name maven-reporting-exec High Product jar package name maven Highest Product jar package name reporting Highest Version file version 1.5.1 High Version pom version 1.5.1 Highest Version Manifest Implementation-Version 1.5.1 High Version pom parent-version 1.5.1 Low
maven-reporting-impl-2.2.jarDescription:
Abstract classes to manage report generation. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\reporting\maven-reporting-impl\2.2\maven-reporting-impl-2.2.jarMD5: 374a6837c2ae2fc5ff814b2c31b6e6d6SHA1: 42d1bd175eca91bcc613b699331125ab3b2292e1SHA256: 7b251d297a51352e38e730df758a8b3977cb1e564234d113fe7884db276c3f83Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.maven.shared Medium Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.reporting Medium Vendor file name maven-reporting-impl High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom groupid apache.maven.reporting Highest Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Maven Reporting Implementation High Vendor jar package name maven Highest Vendor pom artifactid maven-reporting-impl Low Vendor pom groupid org.apache.maven.reporting Highest Vendor jar package name reporting Highest Vendor pom parent-artifactid maven-shared-components Low Product pom artifactid maven-reporting-impl Highest Product jar package name apache Highest Product file name maven-reporting-impl High Product pom groupid apache.maven.reporting Highest Product pom name Maven Reporting Implementation High Product pom parent-artifactid maven-shared-components Medium Product jar package name maven Highest Product pom parent-groupid org.apache.maven.shared Medium Product Manifest specification-title Maven Reporting Implementation Medium Product jar package name reporting Highest Product Manifest Implementation-Title Maven Reporting Implementation High Version pom parent-version 2.2 Low Version pom version 2.2 Highest Version Manifest Implementation-Version 2.2 High Version file version 2.2 High
maven-repository-metadata-3.0.jarDescription:
Per-directory repository metadata. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-repository-metadata\3.0\maven-repository-metadata-3.0.jarMD5: 5a8cee4b67ea39a141b9579323b70e27SHA1: e3c41f7565b1e189ff7a312796b9d2c470c09a8bSHA256: c938e4d8cdf0674496749a87e6d3b29aa41b1b35a39898a1ade2bc9eae214c17Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven Repository Metadata Model High Vendor pom artifactid maven-repository-metadata Low Vendor file name maven-repository-metadata High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor jar package name repository Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product pom artifactid maven-repository-metadata Highest Product jar package name maven Highest Product jar package name repository Highest Product pom name Maven Repository Metadata Model High Product Manifest specification-title Maven Repository Metadata Model Medium Product Manifest Implementation-Title Maven Repository Metadata Model High Product file name maven-repository-metadata High Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Version file version 3.0 High Version pom version 3.0 Highest Version Manifest Implementation-Version 3.0 High
maven-resolver-api-1.1.1.jarDescription:
The application programming interface for the repository system.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\resolver\maven-resolver-api\1.1.1\maven-resolver-api-1.1.1.jarMD5: 8f863d91b0925df3e96f2da251dd27e5SHA1: 0394a1d2a8e05d4ff7c73d6cb2c8ae361441a6d7SHA256: a4ce03467f0c47615c53533ad1682fe00b8170f760e7ed0c57f5afc3035fe38bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid apache.maven.resolver Highest Vendor pom artifactid maven-resolver-api Low Vendor jar package name artifact Highest Vendor pom parent-artifactid maven-resolver Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.resolver Medium Vendor file name maven-resolver-api High Vendor Manifest automatic-module-name org.apache.maven.resolver Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name repository Highest Vendor Manifest implementation-url https://maven.apache.org/resolver/maven-resolver-api/ Low Vendor pom parent-groupid org.apache.maven.resolver Medium Vendor pom name Maven Artifact Resolver API High Vendor pom groupid org.apache.maven.resolver Highest Product Manifest Implementation-Title Maven Artifact Resolver API High Product Manifest specification-title Maven Artifact Resolver API Medium Product pom groupid apache.maven.resolver Highest Product jar package name artifact Highest Product pom artifactid maven-resolver-api Highest Product pom parent-artifactid maven-resolver Medium Product file name maven-resolver-api High Product Manifest automatic-module-name org.apache.maven.resolver Medium Product jar package name repository Highest Product Manifest implementation-url https://maven.apache.org/resolver/maven-resolver-api/ Low Product pom parent-groupid org.apache.maven.resolver Medium Product pom name Maven Artifact Resolver API High Version Manifest Implementation-Version 1.1.1 High Version pom version 1.1.1 Highest Version file version 1.1.1 High
maven-resolver-util-1.1.1.jarDescription:
A collection of utility classes to ease usage of the repository system.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\resolver\maven-resolver-util\1.1.1\maven-resolver-util-1.1.1.jarMD5: 75d71b77349256738a43ee1c260a1e27SHA1: df0edc6f5e3772d6573df9e155d2d909ec702838SHA256: 040e6bb13a34bc3fd721e9256784e996d2700a518476c6f9801c112699320208Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid apache.maven.resolver Highest Vendor jar package name artifact Highest Vendor Manifest automatic-module-name org.apache.maven.resolver.util Medium Vendor pom parent-artifactid maven-resolver Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.resolver Medium Vendor file name maven-resolver-util High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom artifactid maven-resolver-util Low Vendor jar package name repository Highest Vendor pom parent-groupid org.apache.maven.resolver Medium Vendor pom name Maven Artifact Resolver Utilities High Vendor jar package name util Highest Vendor pom groupid org.apache.maven.resolver Highest Vendor Manifest implementation-url https://maven.apache.org/resolver/maven-resolver-util/ Low Product pom groupid apache.maven.resolver Highest Product Manifest Implementation-Title Maven Artifact Resolver Utilities High Product jar package name artifact Highest Product pom parent-artifactid maven-resolver Medium Product Manifest automatic-module-name org.apache.maven.resolver.util Medium Product Manifest specification-title Maven Artifact Resolver Utilities Medium Product file name maven-resolver-util High Product jar package name repository Highest Product pom parent-groupid org.apache.maven.resolver Medium Product pom name Maven Artifact Resolver Utilities High Product pom artifactid maven-resolver-util Highest Product jar package name util Highest Product Manifest implementation-url https://maven.apache.org/resolver/maven-resolver-util/ Low Version Manifest Implementation-Version 1.1.1 High Version pom version 1.1.1 Highest Version file version 1.1.1 High
maven-resources-plugin-3.2.0.jarDescription:
The Resources Plugin handles the copying of project resources to the output
directory. There are two different kinds of resources: main resources and test resources. The
difference is that the main resources are the resources associated with the main
source code while the test resources are associated with the test source code.
Thus, this allows the separation of resources for the main source code and its
unit tests.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-resources-plugin\3.2.0\maven-resources-plugin-3.2.0.jarMD5: ce33173cdcb3438860967ccbfcfe994aSHA1: 9d05541e5cf878bcef03ac507c61717ae3a534edSHA256: 173530cda782cb1236c166ff894cf29a77e07fd1da1fc4eb98c1e8b5ac1fe8e1Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Apache Maven Resources Plugin High Vendor jar package name resources Highest Vendor pom artifactid maven-resources-plugin Low Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor file name maven-resources-plugin High Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Product pom name Apache Maven Resources Plugin High Product jar package name resources Highest Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product Manifest specification-title Apache Maven Resources Plugin Medium Product Manifest Implementation-Title Apache Maven Resources Plugin High Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product file name maven-resources-plugin High Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product pom artifactid maven-resources-plugin Highest Version Manifest Implementation-Version 3.2.0 High Version pom version 3.2.0 Highest Version pom parent-version 3.2.0 Low Version file version 3.2.0 High
maven-scm-api-1.8.jarDescription:
The SCM API provides mechanisms to manage all SCM tools. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-api\1.8\maven-scm-api-1.8.jarMD5: 1dede061ce699fdd80ea96aafd72ec35SHA1: ed97c180fb299713862c17c07006cc24137973ccSHA256: e8975e61746d80b082f6ff9cea947722fde40401374ba10f81b8778a1e2e58fbReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven SCM API High Vendor pom parent-artifactid maven-scm Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor file name maven-scm-api High Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom artifactid maven-scm-api Low Vendor pom groupid apache.maven.scm Highest Product pom parent-artifactid maven-scm Medium Product jar package name apache Highest Product pom name Maven SCM API High Product Manifest specification-title Maven SCM API Medium Product pom artifactid maven-scm-api Highest Product Manifest Implementation-Title Maven SCM API High Product jar package name maven Highest Product file name maven-scm-api High Product jar package name scm Highest Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-manager-plexus-1.8.jarDescription:
SCM Plexus component. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-manager-plexus\1.8\maven-scm-manager-plexus-1.8.jarMD5: f82e2c3b2b32ca1ed61e543fd46f9b57SHA1: 0c40252207550975e3235816a24eed3c932a4c72SHA256: 89e64f896a961ea8ce5b4d3513bcf657ba13322199ebb59d9987a0217dcfbbffReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.scm Highest Vendor pom artifactid maven-scm-manager-plexus Low Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor pom name Maven SCM Manager for Plexus High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name manager Highest Vendor pom parent-artifactid maven-scm-managers Low Vendor file name maven-scm-manager-plexus High Product pom artifactid maven-scm-manager-plexus Highest Product Manifest Implementation-Title Maven SCM Manager for Plexus High Product Manifest specification-title Maven SCM Manager for Plexus Medium Product jar package name scm Highest Product jar package name apache Highest Product pom name Maven SCM Manager for Plexus High Product jar package name maven Highest Product pom parent-artifactid maven-scm-managers Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name manager Highest Product file name maven-scm-manager-plexus High Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-plugin-1.11.2.jarDescription:
Maven Plugin that allows accessing different SCMs. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-scm-plugin\1.11.2\maven-scm-plugin-1.11.2.jarMD5: d23b442e24f855d107db89af686085c6SHA1: f87e68a62a6234b780ea7e4138f8b8f1f2f1c5c7SHA256: 43accdf7982df8ffa7530b5aba4a2bd99894e4ad55157e93750ddc10960a5e35Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm Low Vendor Manifest Implementation-Vendor-Id org.apache.maven.plugins Medium Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor file name maven-scm-plugin High Vendor jar package name maven Highest Vendor pom name Maven SCM Plugin High Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor jar package name plugin Highest Vendor Manifest implementation-url https://maven.apache.org/scm/maven-scm-plugin/ Low Vendor pom artifactid maven-scm-plugin Low Product Manifest Implementation-Title Maven SCM Plugin High Product jar package name scm Highest Product Manifest specification-title Maven SCM Plugin Medium Product pom artifactid maven-scm-plugin Highest Product pom parent-artifactid maven-scm Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product file name maven-scm-plugin High Product jar package name maven Highest Product pom name Maven SCM Plugin High Product pom parent-groupid org.apache.maven.scm Medium Product jar package name plugin Highest Product Manifest implementation-url https://maven.apache.org/scm/maven-scm-plugin/ Low Version Manifest Implementation-Version 1.11.2 High Version pom version 1.11.2 Highest Version file version 1.11.2 High
maven-scm-provider-accurev-1.11.2.jarDescription:
SCM Provider implementation for AccuRev (http://www.accurev.com/). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-accurev\1.11.2\maven-scm-provider-accurev-1.11.2.jarMD5: 12a9ab2c5c914349bb5562dcfb2f39c4SHA1: 193609ba4e871670d4680cbba89d29e27f741299SHA256: ff981cafd46c13c5e414938ddc131538b307faa9ed6963db4ace40d59a83828bReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor pom name Maven SCM AccuRev Provider High Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid maven-scm-provider-accurev Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor file name maven-scm-provider-accurev High Vendor Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-provider-accurev/ Low Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom name Maven SCM AccuRev Provider High Product Manifest Implementation-Title Maven SCM AccuRev Provider High Product jar package name scm Highest Product Manifest specification-title Maven SCM AccuRev Provider Medium Product jar package name apache Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product file name maven-scm-provider-accurev High Product Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-provider-accurev/ Low Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Product pom artifactid maven-scm-provider-accurev Highest Version Manifest Implementation-Version 1.11.2 High Version pom version 1.11.2 Highest Version file version 1.11.2 High
maven-scm-provider-bazaar-1.8.jarDescription:
SCM Provider implementation for Bazaar (http://bazaar-vcs.org/). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-bazaar\1.8\maven-scm-provider-bazaar-1.8.jarMD5: de72550fbe7bf252aeeeec9193cf82c4SHA1: f1ac373bbab601a401c8c7a32c9c79df40b2aec0SHA256: 7b43e0e4b8844f5e2531758d9c5bd1dddab7a5446e5e4ce14faae0280200e9d4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor pom name Maven SCM Bazaar Provider High Vendor file name maven-scm-provider-bazaar High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom artifactid maven-scm-provider-bazaar Low Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product Manifest Implementation-Title Maven SCM Bazaar Provider High Product Manifest specification-title Maven SCM Bazaar Provider Medium Product jar package name scm Highest Product pom name Maven SCM Bazaar Provider High Product pom artifactid maven-scm-provider-bazaar Highest Product file name maven-scm-provider-bazaar High Product jar package name apache Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-clearcase-1.8.jarDescription:
SCM Provider implementation for Clearcase (http://www-306.ibm.com/software/awdtools/clearcase/). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-clearcase\1.8\maven-scm-provider-clearcase-1.8.jarMD5: 5b506e7656856e57b04339dfb0a4e2dfSHA1: afe2771b02524f218b8cb1a4f46a4b8084d81e46SHA256: 155ffccc4cb59c7c077b3865ec0b081bba1f033b1d19e9134c9c2f7f2b9e7912Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor pom artifactid maven-scm-provider-clearcase Low Vendor jar package name providers Highest Vendor file name maven-scm-provider-clearcase High Vendor jar package name scm Highest Vendor pom name Maven SCM Clearcase Provider High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product Manifest Implementation-Title Maven SCM Clearcase Provider High Product jar package name providers Highest Product file name maven-scm-provider-clearcase High Product pom artifactid maven-scm-provider-clearcase Highest Product jar package name scm Highest Product pom name Maven SCM Clearcase Provider High Product jar package name apache Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Product Manifest specification-title Maven SCM Clearcase Provider Medium Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-cvs-commons-1.10.0.jarDescription:
Common library for SCM CVS Provider. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-cvs-commons\1.10.0\maven-scm-provider-cvs-commons-1.10.0.jarMD5: 204fd8bb2a22877b49d1f10a12608f3eSHA1: 584cb5f1f3fdd454ce5c46825abfe9f087afcd0bSHA256: e2802c0ae692daa1afe8dd5961371e2c2b28a096abe7bb413a77b07ba1d73742Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-providers-cvs/maven-scm-provider-cvs-commons/ Low Vendor pom name Maven SCM CVS Provider - Common library High Vendor pom parent-artifactid maven-scm-providers-cvs Low Vendor pom groupid org.apache.maven.scm Highest Vendor pom artifactid maven-scm-provider-cvs-commons Low Vendor jar package name providers Highest Vendor jar package name scm Highest Vendor file name maven-scm-provider-cvs-commons High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-providers-cvs/maven-scm-provider-cvs-commons/ Low Product pom name Maven SCM CVS Provider - Common library High Product jar package name providers Highest Product jar package name scm Highest Product file name maven-scm-provider-cvs-commons High Product jar package name apache Highest Product pom artifactid maven-scm-provider-cvs-commons Highest Product Manifest specification-title Maven SCM CVS Provider - Common library Medium Product jar package name maven Highest Product Manifest Implementation-Title Maven SCM CVS Provider - Common library High Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Product pom parent-artifactid maven-scm-providers-cvs Medium Version file version 1.10.0 High Version pom version 1.10.0 Highest Version Manifest Implementation-Version 1.10.0 High
maven-scm-provider-cvsexe-1.8.jarDescription:
Executable implementation for SCM CVS Provider. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-cvsexe\1.8\maven-scm-provider-cvsexe-1.8.jarMD5: 108ce95885945384d951fe0dd247c60bSHA1: 38138ab8c05d1a138f799853854b58076d17013fSHA256: 6b920b893a88755118393b94c6e39e30d3eb8b2b03053bae2d4b5c248ff26926Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers-cvs Low Vendor pom groupid org.apache.maven.scm Highest Vendor file name maven-scm-provider-cvsexe High Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom artifactid maven-scm-provider-cvsexe Low Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor pom name Maven SCM CVS Provider - CVS Executable Impl. High Vendor jar package name provider Highest Product file name maven-scm-provider-cvsexe High Product jar package name scm Highest Product pom artifactid maven-scm-provider-cvsexe Highest Product Manifest Implementation-Title Maven SCM CVS Provider - CVS Executable Impl. High Product jar package name apache Highest Product jar package name maven Highest Product Manifest specification-title Maven SCM CVS Provider - CVS Executable Impl. Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product pom name Maven SCM CVS Provider - CVS Executable Impl. High Product jar package name provider Highest Product pom parent-artifactid maven-scm-providers-cvs Medium Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-cvsjava-1.8.jarDescription:
Java implementation for SCM CVS Provider. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-cvsjava\1.8\maven-scm-provider-cvsjava-1.8.jarMD5: 8733ac4f7ee027bc3bb24ec053dd82e9SHA1: ce4f6cadb1716b223bbf14155b87769ec629e04fSHA256: 5410035cdbe2977b8f4cd3082855c7bc9743b8d32ba1319e359e936e284395a7Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers-cvs Low Vendor pom groupid org.apache.maven.scm Highest Vendor pom name Maven SCM CVS Provider - CVS Java Impl. High Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor file name maven-scm-provider-cvsjava High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom artifactid maven-scm-provider-cvsjava Low Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom name Maven SCM CVS Provider - CVS Java Impl. High Product Manifest Implementation-Title Maven SCM CVS Provider - CVS Java Impl. High Product jar package name scm Highest Product Manifest specification-title Maven SCM CVS Provider - CVS Java Impl. Medium Product pom artifactid maven-scm-provider-cvsjava Highest Product jar package name apache Highest Product file name maven-scm-provider-cvsjava High Product jar package name maven Highest Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Product pom parent-artifactid maven-scm-providers-cvs Medium Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-git-commons-1.10.0.jarDescription:
Common library for SCM Git Provider. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-git-commons\1.10.0\maven-scm-provider-git-commons-1.10.0.jarMD5: 4084f6f88a728d5d21b559158e08665eSHA1: 533fc0a3ed3df19144182c853a79c057e0430fe9SHA256: f331908176cd9563e330b80fe9a805ee081552d56417e86c908c27f92918a3c0Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-scm-provider-git-commons Low Vendor pom groupid org.apache.maven.scm Highest Vendor pom parent-artifactid maven-scm-providers-git Low Vendor jar package name providers Highest Vendor jar package name scm Highest Vendor Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-git-commons/ Low Vendor file name maven-scm-provider-git-commons High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom name Maven SCM Git Provider - Common library High Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom artifactid maven-scm-provider-git-commons Highest Product jar package name providers Highest Product Manifest Implementation-Title Maven SCM Git Provider - Common library High Product jar package name scm Highest Product Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-git-commons/ Low Product file name maven-scm-provider-git-commons High Product Manifest specification-title Maven SCM Git Provider - Common library Medium Product jar package name apache Highest Product jar package name maven Highest Product pom name Maven SCM Git Provider - Common library High Product pom parent-artifactid maven-scm-providers-git Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.10.0 High Version pom version 1.10.0 Highest Version Manifest Implementation-Version 1.10.0 High
maven-scm-provider-gitexe-1.8.jarDescription:
Executable implementation for SCM Git Provider. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-gitexe\1.8\maven-scm-provider-gitexe-1.8.jarMD5: 65ed02d6d9c322c66b536f7847c2ba73SHA1: 3fddb3a0f932fef6351f7212ebc2ad5f867dc78eSHA256: 1aa5cc68a6eeb97bc36e7cf8bf5ca27a423e0dbc50ed5f9142c2ffa137c003ffReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven SCM Git Provider - Git Executable Impl. High Vendor pom groupid org.apache.maven.scm Highest Vendor pom parent-artifactid maven-scm-providers-git Low Vendor jar package name scm Highest Vendor file name maven-scm-provider-gitexe High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom artifactid maven-scm-provider-gitexe Low Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom name Maven SCM Git Provider - Git Executable Impl. High Product jar package name scm Highest Product file name maven-scm-provider-gitexe High Product pom artifactid maven-scm-provider-gitexe Highest Product Manifest specification-title Maven SCM Git Provider - Git Executable Impl. Medium Product jar package name apache Highest Product jar package name maven Highest Product Manifest Implementation-Title Maven SCM Git Provider - Git Executable Impl. High Product pom parent-artifactid maven-scm-providers-git Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-hg-1.8.jarDescription:
SCM Provider implementation for Mercurial Hg (http://www.selenic.com/mercurial/wiki/). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-hg\1.8\maven-scm-provider-hg-1.8.jarMD5: d9cdd91f70d7070dc2ac1866336bd20bSHA1: 50e193aaba8dc8dbf73fcd17b6c991efce152eb0SHA256: c5d8e3ca2c66e2ee826dc03f137a4620444fc13fe05ae3ee13b61d72286f4670Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven SCM Mercurial (Hg) Provider High Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor file name maven-scm-provider-hg High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom artifactid maven-scm-provider-hg Low Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom name Maven SCM Mercurial (Hg) Provider High Product pom artifactid maven-scm-provider-hg Highest Product jar package name scm Highest Product file name maven-scm-provider-hg High Product jar package name apache Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Product Manifest specification-title Maven SCM Mercurial (Hg) Provider Medium Product Manifest Implementation-Title Maven SCM Mercurial (Hg) Provider High Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-integrity-1.11.2.jarDescription:
SCM Provider implementation for MKS Integrity : http://mks.com/ File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-integrity\1.11.2\maven-scm-provider-integrity-1.11.2.jarMD5: fcc2d26fa7b2f3bc798f54d796149e27SHA1: d7e127a47a13b0fb44950375361200aefe49b728SHA256: 960ccc20c3aaa683f4b7e8d3b338bedc9f1643e142169676a73bf051bf1d210fReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-provider-integrity/ Low Vendor pom artifactid maven-scm-provider-integrity Low Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor pom name Maven SCM MKS Integrity Provider High Vendor file name maven-scm-provider-integrity High Vendor jar package name provider Highest Product Manifest Implementation-Title Maven SCM MKS Integrity Provider High Product jar package name scm Highest Product Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-provider-integrity/ Low Product jar package name apache Highest Product jar package name maven Highest Product pom artifactid maven-scm-provider-integrity Highest Product pom parent-artifactid maven-scm-providers Medium Product Manifest specification-title Maven SCM MKS Integrity Provider Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product pom name Maven SCM MKS Integrity Provider High Product file name maven-scm-provider-integrity High Product jar package name provider Highest Version Manifest Implementation-Version 1.11.2 High Version pom version 1.11.2 Highest Version file version 1.11.2 High
maven-scm-provider-jazz-1.8.jarDescription:
A Maven SCM Provider for IBM Jazz SCM (http://jazz.net/). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-jazz\1.8\maven-scm-provider-jazz-1.8.jarMD5: 96f0e3076fcec7a6a28767e12f8eb1daSHA1: 8fb95acf3c0211d9c1578403ffa34a3923a9e7e2SHA256: 7bb7fc55dffe418738a2ef53f521535cd5047cc8121603f4f298b65cf4ea55ebReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-scm-provider-jazz Low Vendor pom parent-artifactid maven-scm-providers Low Vendor pom name Maven SCM Jazz/Rational Team Concert Provider High Vendor pom groupid org.apache.maven.scm Highest Vendor file name maven-scm-provider-jazz High Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom name Maven SCM Jazz/Rational Team Concert Provider High Product file name maven-scm-provider-jazz High Product jar package name scm Highest Product Manifest specification-title Maven SCM Jazz/Rational Team Concert Provider Medium Product Manifest Implementation-Title Maven SCM Jazz/Rational Team Concert Provider High Product jar package name apache Highest Product jar package name maven Highest Product pom artifactid maven-scm-provider-jazz Highest Product pom parent-artifactid maven-scm-providers Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-jgit-1.11.2.jarDescription:
JGIT implementation for SCM Git Provider.
see http://eclipse.org/jgit/
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-jgit\1.11.2\maven-scm-provider-jgit-1.11.2.jarMD5: 9bcc0ec85589232b3c5041f6e4d273b3SHA1: 42d14ad780fd960d655b0aa43f0f3be9dfbac51aSHA256: 205b6a6fb184d577547676675d16ab35f87d0ae7750352371f2f348c6c6e1fa8Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.scm Highest Vendor pom parent-artifactid maven-scm-providers-git Low Vendor pom artifactid maven-scm-provider-jgit Low Vendor file name maven-scm-provider-jgit High Vendor jar package name scm Highest Vendor pom name Maven SCM Git Provider - JGit Impl. High Vendor Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/ Low Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product file name maven-scm-provider-jgit High Product jar package name scm Highest Product pom name Maven SCM Git Provider - JGit Impl. High Product pom artifactid maven-scm-provider-jgit Highest Product Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-providers-git/maven-scm-provider-jgit/ Low Product jar package name apache Highest Product jar package name maven Highest Product Manifest Implementation-Title Maven SCM Git Provider - JGit Impl. High Product Manifest specification-title Maven SCM Git Provider - JGit Impl. Medium Product pom parent-artifactid maven-scm-providers-git Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version Manifest Implementation-Version 1.11.2 High Version pom version 1.11.2 Highest Version file version 1.11.2 High
maven-scm-provider-local-1.8.jarDescription:
SCM Provider implementation for Local. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-local\1.8\maven-scm-provider-local-1.8.jarMD5: d9a16a10f0ac68dd4a1241a19fc44c86SHA1: 0207e07689f93004bb4f43b8229d0727b446622aSHA256: 89fe64dfd36d75824888e1ee5d7a726d35f8416a83b5f289afc68576d60c5246Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor pom artifactid maven-scm-provider-local Low Vendor jar package name scm Highest Vendor file name maven-scm-provider-local High Vendor pom name Maven SCM Local Provider High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product Manifest specification-title Maven SCM Local Provider Medium Product jar package name scm Highest Product file name maven-scm-provider-local High Product pom name Maven SCM Local Provider High Product jar package name apache Highest Product pom artifactid maven-scm-provider-local Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product Manifest Implementation-Title Maven SCM Local Provider High Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-perforce-1.8.jarDescription:
SCM Provider implementation for Perforce (http://www.perforce.com/). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-perforce\1.8\maven-scm-provider-perforce-1.8.jarMD5: 7102cbe62e71b819e9222673a541f6f1SHA1: a5240a5cf6526f5fb3bcb9b5c29a850a193a245dSHA256: 825f22a8586f260c4fa1e4e4a9c93ce645734fb378cb64546fc94dbbb6477410Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor pom name Maven SCM Perforce Provider High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor file name maven-scm-provider-perforce High Vendor pom groupid apache.maven.scm Highest Vendor pom artifactid maven-scm-provider-perforce Low Vendor jar package name provider Highest Product jar package name scm Highest Product pom name Maven SCM Perforce Provider High Product jar package name apache Highest Product pom artifactid maven-scm-provider-perforce Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product Manifest Implementation-Title Maven SCM Perforce Provider High Product Manifest specification-title Maven SCM Perforce Provider Medium Product pom parent-groupid org.apache.maven.scm Medium Product file name maven-scm-provider-perforce High Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-starteam-1.8.jarDescription:
SCM Provider implementation for Starteam (http://www.borland.com/us/products/starteam/index.html). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-starteam\1.8\maven-scm-provider-starteam-1.8.jarMD5: 7d7eab16e6fc880fe300b7e4c68dd062SHA1: 1563b30b2329578e38cc3f4ac45506c3657d0e1dSHA256: 82a65f4ea45066ed5d7d76b3c99acad93915ec51d4cb41ca7d43a1c3410d01cfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name providers Highest Vendor pom artifactid maven-scm-provider-starteam Low Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor pom name Maven SCM Starteam Provider High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor file name maven-scm-provider-starteam High Vendor jar package name provider Highest Product Manifest Implementation-Title Maven SCM Starteam Provider High Product jar package name providers Highest Product jar package name scm Highest Product jar package name apache Highest Product pom name Maven SCM Starteam Provider High Product pom artifactid maven-scm-provider-starteam Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product pom parent-groupid org.apache.maven.scm Medium Product Manifest specification-title Maven SCM Starteam Provider Medium Product pom groupid apache.maven.scm Highest Product file name maven-scm-provider-starteam High Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-svn-commons-1.8.jarDescription:
Common library for SCM SVN Provider. Includes the svn-settings.xml configuration model. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-svn-commons\1.8\maven-scm-provider-svn-commons-1.8.jarMD5: 6ddcb74f815ac42166b944919f9a0011SHA1: 356b8fd88a89d356392f01554c68d2336113d979SHA256: 1011926d308aab12316de740c5846da1b79309ec356f4cd8be4ce2635ee8580dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven SCM Subversion Provider - Common library High Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name providers Highest Vendor jar package name scm Highest Vendor file name maven-scm-provider-svn-commons High Vendor pom parent-artifactid maven-scm-providers-svn Low Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor pom artifactid maven-scm-provider-svn-commons Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom name Maven SCM Subversion Provider - Common library High Product pom parent-artifactid maven-scm-providers-svn Medium Product jar package name providers Highest Product jar package name scm Highest Product file name maven-scm-provider-svn-commons High Product jar package name apache Highest Product Manifest Implementation-Title Maven SCM Subversion Provider - Common library High Product pom artifactid maven-scm-provider-svn-commons Highest Product jar package name maven Highest Product Manifest specification-title Maven SCM Subversion Provider - Common library Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-svnexe-1.8.jarDescription:
Executable library for SCM SVN Provider. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-svnexe\1.8\maven-scm-provider-svnexe-1.8.jarMD5: f6283e5aa96688a62153b2de4560aea1SHA1: 0758a18cc366cc40ed95e31d1f73f8e75e0577ecSHA256: ded35385ebdf291e63eabde56779311055f865b3ea4695348e09628384825677Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor pom parent-artifactid maven-scm-providers-svn Low Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor file name maven-scm-provider-svnexe High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom name Maven SCM Subversion Provider - SVN Executable Impl. High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom artifactid maven-scm-provider-svnexe Low Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom parent-artifactid maven-scm-providers-svn Medium Product jar package name scm Highest Product pom artifactid maven-scm-provider-svnexe Highest Product jar package name apache Highest Product file name maven-scm-provider-svnexe High Product pom name Maven SCM Subversion Provider - SVN Executable Impl. High Product jar package name maven Highest Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product Manifest Implementation-Title Maven SCM Subversion Provider - SVN Executable Impl. High Product jar package name provider Highest Product Manifest specification-title Maven SCM Subversion Provider - SVN Executable Impl. Medium Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-svnjava-2.1.1.jarDescription:
This provider use a non ASL license compatible library (svnkit http://svnkit.com/). License:
ASF: http://www.apache.org/licenses/LICENSE-2.0 File Path: C:\Users\Jeremy\.m2\repository\com\google\code\maven-scm-provider-svnjava\maven-scm-provider-svnjava\2.1.1\maven-scm-provider-svnjava-2.1.1.jar
MD5: 7d1b78f267014cfa57f4f7c1bf4de880
SHA1: 8b1d8e95ee551abda6c8ccb855f49592fdd19492
SHA256: 4bb32bc5a710fb25ef381d2026a75f22a53a22db8d17ea4daa86832853fd6151
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://code.google.com/a/apache-extras.org/p/maven-scm-provider-svnjava/ Highest Vendor jar package name scm Low Vendor pom groupid google.code.maven-scm-provider-svnjava Highest Vendor pom artifactid maven-scm-provider-svnjava Low Vendor pom groupid com.google.code.maven-scm-provider-svnjava Highest Vendor pom name Maven SCM Subversion Provider - Java Impl. High Vendor jar package name apache Low Vendor jar package name scm Highest Vendor file name maven-scm-provider-svnjava High Vendor jar package name maven Highest Vendor jar package name maven Low Vendor jar package name provider Highest Product jar package name scm Low Product jar package name provider Low Product jar package name maven Highest Product pom groupid google.code.maven-scm-provider-svnjava Highest Product pom url http://code.google.com/a/apache-extras.org/p/maven-scm-provider-svnjava/ Medium Product jar package name maven Low Product pom name Maven SCM Subversion Provider - Java Impl. High Product jar package name scm Highest Product pom artifactid maven-scm-provider-svnjava Highest Product file name maven-scm-provider-svnjava High Product jar package name provider Highest Version file version 2.1.1 High Version pom version 2.1.1 Highest
maven-scm-provider-synergy-1.8.jarDescription:
SCM Provider implementation for Synergy (http://www.telelogic.com/corp/products/synergy/index.cfm). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-synergy\1.8\maven-scm-provider-synergy-1.8.jarMD5: 5b340f5120420682558b4fc8b1c6f22cSHA1: 8cd64430b32461842946bf6ccfbccfd86b6af585SHA256: 7dd86c8a49be04bb11f58aa9cf92da3510d5cc70ed0597a084a2389c2198cc8fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven SCM Synergy Provider High Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor pom artifactid maven-scm-provider-synergy Low Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor file name maven-scm-provider-synergy High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product pom name Maven SCM Synergy Provider High Product jar package name scm Highest Product pom artifactid maven-scm-provider-synergy Highest Product jar package name apache Highest Product file name maven-scm-provider-synergy High Product Manifest Implementation-Title Maven SCM Synergy Provider High Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product pom parent-groupid org.apache.maven.scm Medium Product Manifest specification-title Maven SCM Synergy Provider Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-provider-tfs-1.11.2.jarDescription:
A Maven 2 SCM Provider for Microsoft Visual Studio Team Foundation Server. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-tfs\1.11.2\maven-scm-provider-tfs-1.11.2.jarMD5: fec13a6a81a0b3e88235ebecf828a84aSHA1: 43c6e2cc36c434e31c62fa97d583fdd8c846d65eSHA256: 1c42999b2fa1b18288838d59c04adb456028d31e7950204ae8ed13335ed4c7ffReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name scm Highest Vendor Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-provider-tfs/ Low Vendor pom name Maven SCM TFS Provider High Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor pom artifactid maven-scm-provider-tfs Low Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor file name maven-scm-provider-tfs High Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor jar package name provider Highest Product jar package name scm Highest Product Manifest implementation-url https://maven.apache.org/scm/maven-scm-providers/maven-scm-provider-tfs/ Low Product pom name Maven SCM TFS Provider High Product Manifest specification-title Maven SCM TFS Provider Medium Product jar package name apache Highest Product Manifest Implementation-Title Maven SCM TFS Provider High Product file name maven-scm-provider-tfs High Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product pom artifactid maven-scm-provider-tfs Highest Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product jar package name provider Highest Version Manifest Implementation-Version 1.11.2 High Version pom version 1.11.2 Highest Version file version 1.11.2 High
maven-scm-provider-vss-1.8.jarDescription:
SCM Provider implementation for VSS (http://msdn.microsoft.com/en-us/vstudio/aa700907.aspx). File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-provider-vss\1.8\maven-scm-provider-vss-1.8.jarMD5: 7bb06cfbe84825eb6c7049d946c875ffSHA1: f3cb3f2d55a463fd65ea8961f67d2791058a0392SHA256: 8328dfa1d10cb76b4531c1b102c24e587b0252b3f2d70b61de0b39a7551164a9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-scm-provider-vss Low Vendor pom parent-artifactid maven-scm-providers Low Vendor pom groupid org.apache.maven.scm Highest Vendor jar package name providers Highest Vendor jar package name scm Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.scm Medium Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom name Maven SCM Visual Source Safe Provider High Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor file name maven-scm-provider-vss High Vendor jar package name provider Highest Product pom artifactid maven-scm-provider-vss Highest Product jar package name providers Highest Product jar package name scm Highest Product jar package name apache Highest Product jar package name maven Highest Product pom parent-artifactid maven-scm-providers Medium Product Manifest Implementation-Title Maven SCM Visual Source Safe Provider High Product pom name Maven SCM Visual Source Safe Provider High Product pom parent-groupid org.apache.maven.scm Medium Product Manifest specification-title Maven SCM Visual Source Safe Provider Medium Product pom groupid apache.maven.scm Highest Product file name maven-scm-provider-vss High Product jar package name provider Highest Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Implementation-Version 1.8 High
maven-scm-providers-standard-1.11.2.pomFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\scm\maven-scm-providers-standard\1.11.2\maven-scm-providers-standard-1.11.2.pomMD5: d26cacfa0d2bf989f11db99c23941fc5SHA1: 023fe473ea661e09474054392768bc8f01f910f3SHA256: f1f69ca68d03baac63c0f37efe1204fc4a7d7606ead28755fe35c617762bbdfb
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-scm-providers-standard Low Vendor pom parent-artifactid maven-scm-providers Low Vendor pom parent-groupid org.apache.maven.scm Medium Vendor pom groupid apache.maven.scm Highest Vendor pom name Maven SCM Standard Providers High Vendor file name maven-scm-providers-standard High Product pom artifactid maven-scm-providers-standard Highest Product pom parent-artifactid maven-scm-providers Medium Product pom parent-groupid org.apache.maven.scm Medium Product pom groupid apache.maven.scm Highest Product pom name Maven SCM Standard Providers High Product file name maven-scm-providers-standard High Version pom version 1.11.2 Highest Version file version 1.11.2 High
maven-settings-3.0.4.jarDescription:
Maven Settings model. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-settings\3.0.4\maven-settings-3.0.4.jarMD5: 44865cea2d53c88952fe816e004f5075SHA1: 09897b492f19f4a9a37c008c025691cd4a858cdcSHA256: 3e3df17f5df5e4ce1e7b7f2011c57d61d328e65678542ade2048f0d0fa295f09Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-settings Low Vendor pom groupid apache.maven Highest Vendor file name maven-settings High Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor pom name Maven Settings High Vendor jar package name apache Highest Vendor jar package name settings Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product pom name Maven Settings High Product jar package name settings Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product Manifest Implementation-Title Maven Settings High Product pom artifactid maven-settings Highest Product Manifest specification-title Maven Settings Medium Product jar package name maven Highest Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product file name maven-settings High Version pom version 3.0.4 Highest Version file version 3.0.4 High Version Manifest Implementation-Version 3.0.4 High
Published Vulnerabilities CVE-2013-0253 (OSSINDEX) suppress
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack. CVSSv2:
Base Score: MEDIUM (5.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.maven:maven-settings:3.0.4:*:*:*:*:*:*:* maven-settings-builder-3.0.4.jarDescription:
The effective settings builder, with inheritance and password decryption. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-settings-builder\3.0.4\maven-settings-builder-3.0.4.jarMD5: 84aa1f63d2d34abe0b8a60b71d454d9bSHA1: 1c47e99b3cef4aed391f6c76aa073f3f7f25044bSHA256: a38a54ec1e69a30ddfc14434e0aec2764fc268668abcc0e132d86692a5dce3e4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-settings-builder Low Vendor pom name Maven Settings Builder High Vendor file name maven-settings-builder High Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor jar package name settings Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Product jar package name settings Highest Product jar package name apache Highest Product pom parent-artifactid maven Medium Product pom name Maven Settings Builder High Product jar package name maven Highest Product file name maven-settings-builder High Product pom artifactid maven-settings-builder Highest Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product Manifest specification-title Maven Settings Builder Medium Product Manifest Implementation-Title Maven Settings Builder High Version pom version 3.0.4 Highest Version file version 3.0.4 High Version Manifest Implementation-Version 3.0.4 High
Published Vulnerabilities CVE-2013-0253 (OSSINDEX) suppress
The default configuration of Apache Maven 3.0.4, when using Maven Wagon 2.1, disables SSL certificate checks, which allows remote attackers to spoof servers via a man-in-the-middle (MITM) attack. CVSSv2:
Base Score: MEDIUM (5.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.maven:maven-settings-builder:3.0.4:*:*:*:*:*:*:* maven-shared-incremental-1.1.jarDescription:
Various utility classes and plexus components for supporting
incremental build functionality in maven plugins.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-shared-incremental\1.1\maven-shared-incremental-1.1.jarMD5: 8a48e08aa027a7ac33fcc85054512021SHA1: 9d017a7584086755445c0a260dd9a1e9eae161a5SHA256: 61988e54486a5dc38f06c70fdae5b108556c63bd433697b9f4305fcdb30fa40eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Maven Incremental Build support utilities High Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor jar package name incremental Highest Vendor jar package name apache Highest Vendor file name maven-shared-incremental High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom artifactid maven-shared-incremental Low Vendor pom parent-artifactid maven-shared-components Low Product pom name Maven Incremental Build support utilities High Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product jar package name incremental Highest Product pom artifactid maven-shared-incremental Highest Product Manifest Implementation-Title Maven Incremental Build support utilities High Product jar package name apache Highest Product file name maven-shared-incremental High Product Manifest specification-title Maven Incremental Build support utilities Medium Product jar package name maven Highest Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Version Manifest Implementation-Version 1.1 High Version pom parent-version 1.1 Low Version file version 1.1 High Version pom version 1.1 Highest
maven-shared-io-3.0.0.jarDescription:
API for I/O support like logging, download or file scanning. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-shared-io\3.0.0\maven-shared-io-3.0.0.jarMD5: cd048096ba02afa72cebb76d39e4bde0SHA1: fe598062dbcf95ac9eba77840f86d2ff25d81f55SHA256: 7f9d12b2d569ccde2cacd22a39e301b20f82567b80e21d625c5f4d93dc09c2c7Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-shared-io High Vendor pom artifactid maven-shared-io Low Vendor pom name Apache Maven Shared I/O API High Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor jar package name io Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom parent-artifactid maven-shared-components Low Product file name maven-shared-io High Product pom artifactid maven-shared-io Highest Product pom parent-artifactid maven-shared-components Medium Product pom name Apache Maven Shared I/O API High Product pom parent-groupid org.apache.maven.shared Medium Product jar package name io Highest Product Manifest Implementation-Title Apache Maven Shared I/O API High Product Manifest specification-title Apache Maven Shared I/O API Medium Product jar package name apache Highest Product jar package name maven Highest Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High Version pom parent-version 3.0.0 Low
maven-shared-jar-1.2.jarDescription:
Utilities that help identify the contents of a JAR, including Java class analysis and Maven metadata analysis.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-shared-jar\1.2\maven-shared-jar-1.2.jarMD5: d7c355483e4f2fd7f918779641417814SHA1: 569e3d279943c2b50facaf302e43ef418e0567afSHA256: 32e11fdb30b1b9d44538a48ba676e21b7259bb933f4389182b195db5ddefc2bdReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.apache.maven.shared Highest Vendor file name maven-shared-jar High Vendor pom parent-groupid org.apache.maven.shared Medium Vendor pom name Apache Maven JAR Utilities High Vendor pom artifactid maven-shared-jar Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor jar package name jar Highest Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom parent-artifactid maven-shared-components Low Product pom parent-artifactid maven-shared-components Medium Product file name maven-shared-jar High Product pom parent-groupid org.apache.maven.shared Medium Product pom name Apache Maven JAR Utilities High Product Manifest specification-title Apache Maven JAR Utilities Medium Product jar package name apache Highest Product Manifest Implementation-Title Apache Maven JAR Utilities High Product jar package name maven Highest Product jar package name jar Highest Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Product pom artifactid maven-shared-jar Highest Version Manifest Implementation-Version 1.2 High Version file version 1.2 High Version pom version 1.2 Highest Version pom parent-version 1.2 Low
maven-shared-utils-3.2.1.jarDescription:
Shared utils without any further dependencies File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\shared\maven-shared-utils\3.2.1\maven-shared-utils-3.2.1.jarMD5: 9c8c48e58b12b4584278c355f6c98bd5SHA1: 08dd4dfb1d2d8b6969f6462790f82670bcd35ce2SHA256: 3ba9c619893c767db0f9c3e826d5118b57c35229301bcd16d865a89cec16a7e5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-shared-utils High Vendor pom groupid org.apache.maven.shared Highest Vendor pom parent-groupid org.apache.maven.shared Medium Vendor Manifest implementation-url https://maven.apache.org/shared/maven-shared-utils/ Low Vendor jar package name apache Highest Vendor jar package name utils Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor pom name Apache Maven Shared Utils High Vendor Manifest Implementation-Vendor-Id org.apache.maven.shared Medium Vendor pom artifactid maven-shared-utils Low Vendor pom groupid apache.maven.shared Highest Vendor jar package name shared Highest Vendor pom parent-artifactid maven-shared-components Low Product Manifest Implementation-Title Apache Maven Shared Utils High Product file name maven-shared-utils High Product pom parent-artifactid maven-shared-components Medium Product pom parent-groupid org.apache.maven.shared Medium Product Manifest implementation-url https://maven.apache.org/shared/maven-shared-utils/ Low Product pom artifactid maven-shared-utils Highest Product jar package name apache Highest Product jar package name utils Highest Product jar package name maven Highest Product pom name Apache Maven Shared Utils High Product pom groupid apache.maven.shared Highest Product jar package name shared Highest Product Manifest specification-title Apache Maven Shared Utils Medium Version Manifest Implementation-Version 3.2.1 High Version pom parent-version 3.2.1 Low Version pom version 3.2.1 Highest Version file version 3.2.1 High
maven-site-plugin-3.9.1.jarDescription:
The Maven Site Plugin is a plugin that generates a site for the current project. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-site-plugin\3.9.1\maven-site-plugin-3.9.1.jarMD5: f3a879c1421ebfa629373d50429f52b0SHA1: abf63422bc5c985cb54a7b8dc2b7673833dc65a6SHA256: ebeb2575afa767d254aad6c2afdbc069e99beca4df0962c768abb5838a6b5860Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Apache Maven Site Plugin High Vendor pom parent-artifactid maven-plugins Low Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Vendor pom artifactid maven-site-plugin Low Vendor file name maven-site-plugin High Vendor jar package name site Highest Product Manifest Implementation-Title Apache Maven Site Plugin High Product Manifest specification-title Apache Maven Site Plugin Medium Product pom name Apache Maven Site Plugin High Product pom parent-artifactid maven-plugins Medium Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid maven-site-plugin Highest Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product file name maven-site-plugin High Product jar package name site Highest Version Manifest Implementation-Version 3.9.1 High Version pom parent-version 3.9.1 Low Version pom version 3.9.1 Highest Version file version 3.9.1 High
maven-source-plugin-3.2.1.jarDescription:
The Maven Source Plugin creates a JAR archive of the source files of the current project. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-source-plugin\3.2.1\maven-source-plugin-3.2.1.jarMD5: f98d99b95e9d71387a260eec73aba9d5SHA1: 17fea4399d3e67d83435471ba80e42ec61d5e7ceSHA256: 436431c4aab177f95c08e6a78b4b38696d06cee6e33755641432ef78f464d4f4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-source-plugin Low Vendor file name maven-source-plugin High Vendor jar package name source Highest Vendor pom parent-artifactid maven-plugins Low Vendor pom name Apache Maven Source Plugin High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Product Manifest Implementation-Title Apache Maven Source Plugin High Product Manifest specification-title Apache Maven Source Plugin Medium Product file name maven-source-plugin High Product pom artifactid maven-source-plugin Highest Product jar package name source Highest Product pom parent-artifactid maven-plugins Medium Product pom name Apache Maven Source Plugin High Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Version Manifest Implementation-Version 3.2.1 High Version pom parent-version 3.2.1 Low Version pom version 3.2.1 Highest Version file version 3.2.1 High
maven-surefire-common-3.0.0-M5.jarDescription:
API used in Surefire and Failsafe MOJO. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\maven-surefire-common\3.0.0-M5\maven-surefire-common-3.0.0-M5.jarMD5: bbc0344476cefc6895648b5923bc23d1SHA1: 0245fdc7191e36a01c59c4e39b3d51da934cefe2SHA256: ff20ecb3c9ed1eef654c3e05b52bbca4916613c52c7135cd11d9bec92a7175f9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-surefire-common Low Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor pom groupid apache.maven.surefire Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom name Maven Surefire Common High Vendor pom parent-artifactid surefire Low Vendor file name maven-surefire-common High Vendor jar package name surefire Highest Product pom artifactid maven-surefire-common Highest Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product pom name Maven Surefire Common High Product file name maven-surefire-common High Product Manifest Implementation-Title Maven Surefire Common High Product jar package name surefire Highest Product Manifest specification-title Maven Surefire Common Medium Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
maven-surefire-plugin-3.0.0-M5.jarDescription:
Maven Surefire MOJO in maven-surefire-plugin. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-surefire-plugin\3.0.0-M5\maven-surefire-plugin-3.0.0-M5.jarMD5: f629c5d6b4e779cf3d58448afed5b7e0SHA1: fdd1eeae1523a8d4b955613eb282d3fc51bc9868SHA256: 598b82718ed905e5d67d4a70d191a7f5a1f2e3dd42207d1b8f808a27086f4f17Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-surefire-plugin High Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor pom artifactid maven-surefire-plugin Low Vendor jar package name apache Highest Vendor pom name Maven Surefire Plugin High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom groupid org.apache.maven.plugins Highest Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Vendor jar package name plugin Highest Product file name maven-surefire-plugin High Product Manifest Implementation-Title Maven Surefire Plugin High Product Manifest specification-title Maven Surefire Plugin Medium Product pom artifactid maven-surefire-plugin Highest Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product jar package name apache Highest Product pom name Maven Surefire Plugin High Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name plugin Highest Product jar package name surefire Highest Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
maven-surefire-report-plugin-3.0.0-M5.jarDescription:
Maven Surefire Report MOJO in maven-surefire-report-plugin. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-surefire-report-plugin\3.0.0-M5\maven-surefire-report-plugin-3.0.0-M5.jarMD5: bf60919e4ea69d5e7cba891b5dadab52SHA1: 439ca4c118b35b8b5f682038c3fc3178ee5cd7ebSHA256: b53a2607f1d9979d2a6550d667349c7594d999391e08dfc4a4bc95b563a2870eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid maven-surefire-report-plugin Low Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor pom name Maven Surefire Report Plugin High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor file name maven-surefire-report-plugin High Vendor jar package name plugins Highest Vendor pom groupid org.apache.maven.plugins Highest Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Product pom parent-artifactid surefire Medium Product Manifest Implementation-Title Maven Surefire Report Plugin High Product Manifest specification-title Maven Surefire Report Plugin Medium Product pom parent-groupid org.apache.maven.surefire Medium Product pom name Maven Surefire Report Plugin High Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product pom artifactid maven-surefire-report-plugin Highest Product file name maven-surefire-report-plugin High Product jar package name plugins Highest Product jar package name surefire Highest Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
maven-toolchain-2.2.1.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\maven-toolchain\2.2.1\maven-toolchain-2.2.1.jarMD5: 21e07983aa493f1bdbf0c2c5a474ed4dSHA1: 0be589179cfbbad11e48572bf1a28e3490c7b197SHA256: 809e55c88a15012e76d262ad9c9b762084128e3d81bffe045dd4e6318eef2890Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name maven-toolchain High Vendor pom artifactid maven-toolchain Low Vendor pom groupid apache.maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor jar package name toolchain Highest Vendor pom parent-groupid org.apache.maven Medium Vendor pom parent-artifactid maven Low Vendor pom groupid org.apache.maven Highest Vendor pom name Maven Toolchains High Product jar package name apache Highest Product pom parent-artifactid maven Medium Product file name maven-toolchain High Product Manifest specification-title Maven Toolchains Medium Product Manifest Implementation-Title Maven Toolchains High Product jar package name maven Highest Product jar package name toolchain Highest Product pom parent-groupid org.apache.maven Medium Product pom groupid apache.maven Highest Product pom name Maven Toolchains High Product pom artifactid maven-toolchain Highest Version Manifest Implementation-Version 2.2.1 High Version pom version 2.2.1 Highest Version file version 2.2.1 High
maven-war-plugin-3.3.1.jarDescription:
Builds a Web Application Archive (WAR) file from the project output and its dependencies. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\plugins\maven-war-plugin\3.3.1\maven-war-plugin-3.3.1.jarMD5: 262d7e725f9788ee44fd665d5e9352ccSHA1: 51f2461f29ef77ff8b6cb675372ec9edd9507a40SHA256: 5e57242a60395a944b21e7fd8b5694b987ba457853eea046d77559ab39592bc9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest build-jdk-spec 1.7 Low Vendor pom artifactid maven-war-plugin Low Vendor pom parent-artifactid maven-plugins Low Vendor pom name Apache Maven WAR Plugin High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid apache.maven.plugins Highest Vendor jar package name maven Highest Vendor jar package name war Highest Vendor file name maven-war-plugin High Vendor jar package name plugins Highest Vendor pom parent-groupid org.apache.maven.plugins Medium Vendor pom groupid org.apache.maven.plugins Highest Product Manifest Implementation-Title Apache Maven WAR Plugin High Product Manifest specification-title Apache Maven WAR Plugin Medium Product Manifest build-jdk-spec 1.7 Low Product pom parent-artifactid maven-plugins Medium Product pom name Apache Maven WAR Plugin High Product jar package name apache Highest Product pom groupid apache.maven.plugins Highest Product jar package name maven Highest Product jar package name war Highest Product file name maven-war-plugin High Product jar package name plugins Highest Product pom parent-groupid org.apache.maven.plugins Medium Product pom artifactid maven-war-plugin Highest Version pom parent-version 3.3.1 Low Version pom version 3.3.1 Highest Version file version 3.3.1 High Version Manifest Implementation-Version 3.3.1 High
mimepull-1.9.13.jarDescription:
Provides a streaming API to access attachments parts in a MIME message. License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\jvnet\mimepull\mimepull\1.9.13\mimepull-1.9.13.jar
MD5: 8f213b6360a3efd030cf48ad45edaade
SHA1: a4f12d0da986cae55dd5c4a735b4fefc700eb266
SHA256: 5518bd3c5d88bea3b303952b22618313d6bf0ca7f131f78368108a04ebba3f17
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest implementation-url https://github.com/eclipse-ee4j/metro-mimepull Low Vendor jar package name mimepull Highest Vendor jar package name jvnet Highest Vendor Manifest implementation-build-id 1.9.13 - 1.9.13-RELEASE-b47191d Low Vendor pom url eclipse-ee4j/metro-mimepull Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor pom groupid org.jvnet.mimepull Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor file name mimepull High Vendor Manifest bundle-symbolicname org.jvnet.mimepull Medium Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor pom name MIME streaming extension High Vendor pom parent-artifactid project Low Vendor pom groupid jvnet.mimepull Highest Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom artifactid mimepull Low Vendor Manifest Implementation-Vendor-Id org.jvnet.mimepull Medium Vendor Manifest build-jdk-spec 11 Low Product Manifest implementation-url https://github.com/eclipse-ee4j/metro-mimepull Low Product jar package name mimepull Highest Product pom parent-artifactid project Medium Product pom artifactid mimepull Highest Product jar package name jvnet Highest Product Manifest implementation-build-id 1.9.13 - 1.9.13-RELEASE-b47191d Low Product Manifest Bundle-Name MIME streaming extension Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product file name mimepull High Product Manifest bundle-symbolicname org.jvnet.mimepull Medium Product pom parent-groupid org.eclipse.ee4j Medium Product pom name MIME streaming extension High Product pom groupid jvnet.mimepull Highest Product pom url eclipse-ee4j/metro-mimepull High Product Manifest Implementation-Title MIME streaming extension High Product Manifest build-jdk-spec 11 Low Version file version 1.9.13 High Version Manifest implementation-build-id 1.9.13 Low Version pom version 1.9.13 Highest Version Manifest Bundle-Version 1.9.13 High Version Manifest Implementation-Version 1.9.13 High Version pom parent-version 1.9.13 Low
mksapi-jar-4.10.9049.jarDescription:
MKS Integrity - Java API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\mks\api\mksapi-jar\4.10.9049\mksapi-jar-4.10.9049.jar
MD5: b313c9446337839b41aded7841c85879
SHA1: 93fa3b67c070850183922d9802c240e7ce4618ca
SHA256: e10302eac05a94e4189992d09f7474589c54466f5f6ce153f13432cbb95bfc62
Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom groupid mks.api Highest Vendor jar package name mks Highest Vendor pom name MKS Integrity - Java API High Vendor pom groupid com.mks.api Highest Vendor file name mksapi-jar High Vendor pom url http://www.mks.com/customer-service Highest Vendor jar package name api Highest Vendor jar package name mks Low Vendor pom artifactid mksapi-jar Low Product pom artifactid mksapi-jar Highest Product pom groupid mks.api Highest Product jar package name mks Highest Product pom name MKS Integrity - Java API High Product file name mksapi-jar High Product pom url http://www.mks.com/customer-service Medium Product jar package name api Highest Version pom version 4.10.9049 Highest Version file version 4.10.9049 High
mockito-core-1.9.0.jarDescription:
Mock objects library for java License:
The MIT License: http://code.google.com/p/mockito/wiki/License File Path: C:\Users\Jeremy\.m2\repository\org\mockito\mockito-core\1.9.0\mockito-core-1.9.0.jar
MD5: 0cc4a6307aa7156bab3a2f564b9ddb72
SHA1: 1b2360734c0b7ed584cdff780d753405780598a8
SHA256: e9b5f9a748cef1ff7c23ee103d98a879c354838b6009c9393db13497a9c1e854
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid mockito Highest Vendor jar package name core Highest Vendor pom artifactid mockito-core Low Vendor pom groupid org.mockito Highest Vendor pom name Mockito High Vendor jar package name mock Highest Vendor file name mockito-core High Vendor pom url http://www.mockito.org Highest Vendor jar package name mockito Highest Vendor Manifest bundle-symbolicname org.mockito.mockito-core Medium Product pom groupid mockito Highest Product jar package name core Highest Product Manifest Bundle-Name Mockito Mock Library for Java. Core bundle requires Hamcrest-core and Objenesis. Medium Product pom artifactid mockito-core Highest Product pom name Mockito High Product jar package name mock Highest Product jar package name and Highest Product file name mockito-core High Product jar package name mockito Highest Product pom url http://www.mockito.org Medium Product Manifest bundle-symbolicname org.mockito.mockito-core Medium Version Manifest Bundle-Version 1.9.0 High Version file version 1.9.0 High Version pom version 1.9.0 Highest
model-builder-1.3.jarFile Path: C:\Users\Jeremy\.m2\repository\org\sonatype\spice\model-builder\1.3\model-builder-1.3.jarMD5: c054d2fa25d462f85dc202317a114224SHA1: 37534174c8e7332d2fda4012521ecece84ec4149SHA256: 02161ae46462da669b1d7be3f9b64687c6347f84d04c890fa467eff6def0ae10Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name model-builder High Vendor jar package name apache Low Vendor pom groupid org.sonatype.spice Highest Vendor pom parent-groupid org.sonatype.spice Medium Vendor pom artifactid model-builder Low Vendor jar package name shared Low Vendor jar package name model Highest Vendor pom name Maven Shared Model High Vendor pom parent-artifactid spice-parent Low Vendor jar package name maven Highest Vendor pom groupid sonatype.spice Highest Vendor jar package name maven Low Vendor jar package name shared Highest Product pom parent-artifactid spice-parent Medium Product file name model-builder High Product pom parent-groupid org.sonatype.spice Medium Product jar package name shared Low Product jar package name model Highest Product pom name Maven Shared Model High Product jar package name maven Highest Product pom groupid sonatype.spice Highest Product jar package name maven Low Product pom artifactid model-builder Highest Product jar package name shared Highest Product jar package name model Low Version file version 1.3 High Version pom parent-version 1.3 Low Version pom version 1.3 Highest
modernizer-maven-annotations-2.1.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\gaul\modernizer-maven-annotations\2.1.0\modernizer-maven-annotations-2.1.0.jarMD5: c7a88e08a5143da8facab4504c42f1deSHA1: 2a3461a76f0921f5ae3a21fac20c33ce393dbd71SHA256: d95cb001722629f3009ced92ae22c6463d5c51233a891900a29fac15bc5131ddReferenced In Project/Scope: dependency-plugin-tracker:provided
Evidence Type Source Name Value Confidence Vendor jar package name gaul Highest Vendor pom parent-artifactid modernizer-maven-parent Low Vendor pom groupid org.gaul Highest Vendor pom parent-groupid org.gaul Medium Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid modernizer-maven-annotations Low Vendor file name modernizer-maven-annotations High Vendor pom groupid gaul Highest Vendor Manifest multi-release true Low Product jar package name gaul Highest Product pom parent-groupid org.gaul Medium Product Manifest build-jdk-spec 1.8 Low Product file name modernizer-maven-annotations High Product pom groupid gaul Highest Product pom artifactid modernizer-maven-annotations Highest Product Manifest multi-release true Low Product pom parent-artifactid modernizer-maven-parent Medium Version file version 2.1.0 High Version pom version 2.1.0 Highest
mycila-xmltool-4.4.ga.jarDescription:
Parent POM License:
http://www.apache.org/licenses/LICENSE-2.0.html File Path: C:\Users\Jeremy\.m2\repository\com\mycila\mycila-xmltool\4.4.ga\mycila-xmltool-4.4.ga.jar
MD5: 700e3c3e5a098dca06a2df16748bea54
SHA1: 25ee115633aa7e34773ed89156c59965126fa1a1
SHA256: 75d7b2be9381a65f6fac32f310822112f805566e9f8a97a45d8f13cf55049ce0
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname com.mycila.mycila-xmltool Medium Vendor Manifest bundle-docurl http://mycila.github.io/xmltool Low Vendor jar package name mycila Highest Vendor pom groupid com.mycila Highest Vendor file name mycila-xmltool High Vendor Manifest bundle-copyright Copyright (C) 2008 Mycila Low Vendor pom url http://mycila.github.io/${mycila.github.name} Highest Vendor pom parent-groupid com.mycila Medium Vendor pom artifactid mycila-xmltool Low Vendor pom parent-artifactid mycila-pom Low Vendor jar package name xmltool Highest Vendor pom name mycila-xmltool High Vendor pom groupid mycila Highest Product pom artifactid mycila-xmltool Highest Product Manifest bundle-symbolicname com.mycila.mycila-xmltool Medium Product Manifest Bundle-Name mycila-xmltool Medium Product Manifest bundle-docurl http://mycila.github.io/xmltool Low Product jar package name mycila Highest Product file name mycila-xmltool High Product pom url http://mycila.github.io/${mycila.github.name} Medium Product Manifest bundle-copyright Copyright (C) 2008 Mycila Low Product pom parent-groupid com.mycila Medium Product jar package name xmltool Highest Product pom name mycila-xmltool High Product pom groupid mycila Highest Product pom parent-artifactid mycila-pom Medium Version pom version 4.4.ga Highest Version pom parent-version 4.4.ga Low
objenesis-1.0.jarDescription:
A library for instantiating Java objects License:
MIT License: http://objenesis.googlecode.com/svn/docs/license.html File Path: C:\Users\Jeremy\.m2\repository\org\objenesis\objenesis\1.0\objenesis-1.0.jar
MD5: 1989c831f28c92fae9b333cf5c9f9926
SHA1: 9b473564e792c2bdf1449da1f0b1b5bff9805704
SHA256: c5694b55d92527479382f254199b3c6b1d8780f652ad61e9ca59919887f491a8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid objenesis Highest Vendor pom groupid org.objenesis Highest Vendor pom artifactid objenesis Low Vendor jar package name objenesis Low Vendor jar package name instantiator Low Vendor pom url http://objenesis.googlecode.com/svn/docs/index.html Highest Vendor pom parent-groupid org.objenesis Medium Vendor pom name Objenesis High Vendor pom parent-artifactid objenesis-parent Low Vendor jar package name objenesis Highest Vendor file name objenesis High Product pom artifactid objenesis Highest Product pom url http://objenesis.googlecode.com/svn/docs/index.html Medium Product pom groupid objenesis Highest Product pom parent-artifactid objenesis-parent Medium Product jar package name instantiator Low Product pom parent-groupid org.objenesis Medium Product pom name Objenesis High Product jar package name objenesis Highest Product file name objenesis High Version file version 1.0 High Version pom version 1.0 Highest
org.eclipse.core.commands-3.9.700.jarDescription:
Commands License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.commands\3.9.700\org.eclipse.core.commands-3.9.700.jar
MD5: 82b5561e7cb6d212dafa65bf69dc1932
SHA1: 24349d2f4f8fd8ea32ad4a5b3a952f1dbfcecaf0
SHA256: 6387c495e1f4eb21096d3a89cc1aca86a88506ecf879feed3d3b8a22378f9a03
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.eclipse.core.commands Medium Vendor pom organization url http://www.eclipse.org/ Medium Vendor pom artifactid eclipse.core.commands Low Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor pom name Commands High Vendor Manifest automatic-module-name org.eclipse.core.commands Medium Vendor jar package name commands Highest Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)" Low Vendor pom url http://www.eclipse.org/platform Highest Vendor file name org.eclipse.core.commands High Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Product Manifest bundle-symbolicname org.eclipse.core.commands Medium Product pom artifactid eclipse.core.commands Highest Product pom organization name Eclipse Foundation Low Product jar package name eclipse Highest Product pom name Commands High Product Manifest automatic-module-name org.eclipse.core.commands Medium Product jar package name commands Highest Product jar package name common Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product pom artifactid org.eclipse.core.commands Highest Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)" Low Product file name org.eclipse.core.commands High Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Version pom version 3.9.700 Highest Version file version 3.9.700 High
org.eclipse.core.contenttype-3.7.800.jarDescription:
Eclipse Content Mechanism License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.contenttype\3.7.800\org.eclipse.core.contenttype-3.7.800.jar
MD5: 2fb1eb6efc647d4ceeafe556104a86c2
SHA1: 33b952afbd75849cca0041dc6cda0cf8c3ca614b
SHA256: 43f25de30305c238829cede2b5f070b4198edad9661119214637d00d86ac581c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid eclipse.core.contenttype Low Vendor pom organization url http://www.eclipse.org/ Medium Vendor jar package name content Highest Vendor Manifest service-component OSGI-INF/contenttypemanager.xml Low Vendor Manifest automatic-module-name org.eclipse.core.contenttype Medium Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor pom name Eclipse Content Mechanism High Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor file name org.eclipse.core.contenttype High Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest require-bundle org.eclipse.equinox.preferences;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.13.0,4.0.0)" Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor Manifest bundle-symbolicname org.eclipse.core.contenttype; singleton:=true Medium Product pom organization name Eclipse Foundation Low Product jar package name content Highest Product pom artifactid eclipse.core.contenttype Highest Product Manifest service-component OSGI-INF/contenttypemanager.xml Low Product Manifest automatic-module-name org.eclipse.core.contenttype Medium Product pom artifactid org.eclipse.core.contenttype Highest Product jar package name eclipse Highest Product pom name Eclipse Content Mechanism High Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product file name org.eclipse.core.contenttype High Product Manifest require-bundle org.eclipse.equinox.preferences;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.13.0,4.0.0)" Low Product Manifest bundle-activationpolicy lazy Low Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Product Manifest bundle-symbolicname org.eclipse.core.contenttype; singleton:=true Medium Version file version 3.7.800 High Version pom version 3.7.800 Highest
org.eclipse.core.expressions-3.7.0.jarDescription:
Expression Language License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.expressions\3.7.0\org.eclipse.core.expressions-3.7.0.jar
MD5: bd4bb145effe11d08268493d6ccebd13
SHA1: 80511d2bbe6c51efb1f6d94c53d92c9438f1dd53
SHA256: 4c69c72644539fc1c1df784b8d979c810d8ce5f79977ade3ce0cc04fcd9a01b8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.eclipse.core.expressions; singleton:=true Medium Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest automatic-module-name org.eclipse.core.expressions Medium Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor pom artifactid eclipse.core.expressions Low Vendor jar package name expressions Highest Vendor jar package name expression Highest Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor pom name Expression Language High Vendor Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)" Low Vendor pom url http://www.eclipse.org/platform Highest Vendor file name org.eclipse.core.expressions High Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Product Manifest bundle-symbolicname org.eclipse.core.expressions; singleton:=true Medium Product pom organization name Eclipse Foundation Low Product Manifest automatic-module-name org.eclipse.core.expressions Medium Product pom artifactid eclipse.core.expressions Highest Product jar package name eclipse Highest Product jar package name expressions Highest Product jar package name expression Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product pom name Expression Language High Product Manifest require-bundle org.eclipse.core.runtime;bundle-version="[3.3.0,4.0.0)" Low Product file name org.eclipse.core.expressions High Product Manifest bundle-activationpolicy lazy Low Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name %pluginName Medium Product pom artifactid org.eclipse.core.expressions Highest Product pom organization url http://www.eclipse.org/ Low Version file version 3.7.0 High Version pom version 3.7.0 Highest
org.eclipse.core.filesystem-1.7.700.jarDescription:
Core File Systems License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.filesystem\1.7.700\org.eclipse.core.filesystem-1.7.700.jar
MD5: 4fb0f12636adc038c51f38b112aa9741
SHA1: f42506dfe4f71e5fe4414e1f14d529b07fafa539
SHA256: f01cc88adca40906755b40926861f7e7b46da43f1af97a0491c26dd76a542b03
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid eclipse.core.filesystem Low Vendor pom organization url http://www.eclipse.org/ Medium Vendor jar package name filesystem Highest Vendor Manifest automatic-module-name org.eclipse.core.filesystem Medium Vendor Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)",org.eclipse.osgi;bundle-version="[3.2.0,4.0.0)" Low Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor pom name Core File Systems High Vendor Manifest bundle-symbolicname org.eclipse.core.filesystem; singleton:=true Medium Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor file name org.eclipse.core.filesystem High Product pom organization name Eclipse Foundation Low Product jar package name filesystem Highest Product pom artifactid eclipse.core.filesystem Highest Product Manifest automatic-module-name org.eclipse.core.filesystem Medium Product Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)",org.eclipse.osgi;bundle-version="[3.2.0,4.0.0)" Low Product jar package name eclipse Highest Product pom artifactid org.eclipse.core.filesystem Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product pom name Core File Systems High Product Manifest bundle-symbolicname org.eclipse.core.filesystem; singleton:=true Medium Product Manifest bundle-activationpolicy lazy Low Product Manifest build-jdk-spec 11 Low Product file name org.eclipse.core.filesystem High Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Version file version 1.7.700 High Version pom version 1.7.700 Highest
org.eclipse.core.jobs-3.10.800.jarDescription:
Eclipse Jobs Mechanism License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.jobs\3.10.800\org.eclipse.core.jobs-3.10.800.jar
MD5: ac50bc6b66afeabc066f96e3b868fd6a
SHA1: 604a4bd67197f89312b3b10bfe1a30f1b0420d47
SHA256: 3242f34d6923d4975cb6b37c3b9149df46071594b1b9b0d85ee70025edb3f2ef
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name jobs Highest Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.8.0,4.0.0)" Low Vendor Manifest bundle-symbolicname org.eclipse.core.jobs; singleton:=true Medium Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor pom name Eclipse Jobs Mechanism High Vendor Manifest automatic-module-name org.eclipse.core.jobs Medium Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor file name org.eclipse.core.jobs High Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor pom artifactid eclipse.core.jobs Low Product jar package name jobs Highest Product pom organization name Eclipse Foundation Low Product Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.8.0,4.0.0)" Low Product pom artifactid eclipse.core.jobs Highest Product Manifest bundle-symbolicname org.eclipse.core.jobs; singleton:=true Medium Product jar package name eclipse Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product pom name Eclipse Jobs Mechanism High Product Manifest automatic-module-name org.eclipse.core.jobs Medium Product Manifest bundle-activationpolicy lazy Low Product file name org.eclipse.core.jobs High Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name %pluginName Medium Product pom artifactid org.eclipse.core.jobs Highest Product pom organization url http://www.eclipse.org/ Low Version file version 3.10.800 High Version pom version 3.10.800 Highest
org.eclipse.core.resources-3.13.800.jarDescription:
Core Resource Management License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.resources\3.13.800\org.eclipse.core.resources-3.13.800.jar
MD5: 51676c5ba766f7a3bbe8a90bb76933ec
SHA1: e7d92c33ab60bc9abe169205f9a3bce242cf7866
SHA256: d0afbcad43f7c391efeaddebec0fa28aca3d1121e545450b4fbe10936dcfc9ee
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest require-bundle org.eclipse.ant.core;bundle-version="[3.1.0,4.0.0)";resolution:=optional,org.eclipse.core.expressions;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.3.0,2.0.0)",org.eclipse.core.runtime;bundle-version="[3.12.0,4.0.0)" Low Vendor pom organization url http://www.eclipse.org/ Medium Vendor pom name Core Resource Management High Vendor Manifest bundle-symbolicname org.eclipse.core.resources; singleton:=true Medium Vendor jar package name resources Highest Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor file name org.eclipse.core.resources High Vendor Manifest service-component OSGI-INF/ResourceChangeListenerRegistrar.xml Low Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor pom artifactid eclipse.core.resources Low Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest automatic-module-name org.eclipse.core.resources Medium Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Product Manifest require-bundle org.eclipse.ant.core;bundle-version="[3.1.0,4.0.0)";resolution:=optional,org.eclipse.core.expressions;bundle-version="[3.2.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.3.0,2.0.0)",org.eclipse.core.runtime;bundle-version="[3.12.0,4.0.0)" Low Product pom organization name Eclipse Foundation Low Product pom artifactid org.eclipse.core.resources Highest Product pom name Core Resource Management High Product Manifest bundle-symbolicname org.eclipse.core.resources; singleton:=true Medium Product jar package name resources Highest Product jar package name eclipse Highest Product file name org.eclipse.core.resources High Product Manifest service-component OSGI-INF/ResourceChangeListenerRegistrar.xml Low Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product pom artifactid eclipse.core.resources Highest Product Manifest automatic-module-name org.eclipse.core.resources Medium Product Manifest bundle-activationpolicy lazy Low Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Version file version 3.13.800 High Version pom version 3.13.800 Highest
org.eclipse.core.resources-3.13.800.jar: resources-ant.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.resources\3.13.800\org.eclipse.core.resources-3.13.800.jar\ant_tasks\resources-ant.jarMD5: 17bea56910d1044d41c6d446a84fa379SHA1: b3c9d5c09f1759991736db2356e0af953155c2ffSHA256: 7e394c44aebb420911f6d05052d4bcc7e111b7fea123d7a3cb4a1436acc521c0Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name resources-ant High Vendor jar package name resources Low Vendor jar package name eclipse Low Vendor jar package name core Low Product file name resources-ant High Product jar package name resources Low Product jar package name ant Low Product jar package name core Low
org.eclipse.core.runtime-3.19.0.jarDescription:
Core Runtime License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.core.runtime\3.19.0\org.eclipse.core.runtime-3.19.0.jar
MD5: a2be7993db892a69a5bf8cbe7bcfff39
SHA1: 87baae14592eeed8fd055f3faed99b0bab5cae64
SHA256: dfa32adfd5ef4747a85db8cc6d5452056831664f27bb9d2f95bb388c8ee7aafb
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name org.eclipse.core.runtime High Vendor pom organization url http://www.eclipse.org/ Medium Vendor pom artifactid eclipse.core.runtime Low Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor Manifest automatic-module-name org.eclipse.core.runtime Medium Vendor jar package name runtime Highest Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor pom name Core Runtime High Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor Manifest bundle-symbolicname org.eclipse.core.runtime; singleton:=true Medium Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest require-bundle org.eclipse.osgi;bundle-version="[3.13.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.common;bundle-version="[3.13.0,4.0.0)";visibility:=reexport,org.eclipse.core.jobs;bundle-version="[3.10.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.registry;bundle-version="[3.9.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.preferences;bundle-version="[3.7.0,4.0.0)";visibility:=reexport,org.eclipse.core.contenttype;bundle-version="[3.7.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.app;bundle-version="1.3.0";visibility:=reexport Low Vendor Manifest build-jdk-spec 11 Low Vendor jar package name platform Highest Vendor pom organization name Eclipse Foundation High Product file name org.eclipse.core.runtime High Product pom organization name Eclipse Foundation Low Product pom artifactid org.eclipse.core.runtime Highest Product jar package name eclipse Highest Product Manifest automatic-module-name org.eclipse.core.runtime Medium Product jar package name runtime Highest Product jar package name preferences Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom name Core Runtime High Product pom url http://www.eclipse.org/platform Medium Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product Manifest bundle-symbolicname org.eclipse.core.runtime; singleton:=true Medium Product Manifest bundle-activationpolicy lazy Low Product Manifest require-bundle org.eclipse.osgi;bundle-version="[3.13.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.common;bundle-version="[3.13.0,4.0.0)";visibility:=reexport,org.eclipse.core.jobs;bundle-version="[3.10.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.registry;bundle-version="[3.9.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.preferences;bundle-version="[3.7.0,4.0.0)";visibility:=reexport,org.eclipse.core.contenttype;bundle-version="[3.7.0,4.0.0)";visibility:=reexport,org.eclipse.equinox.app;bundle-version="1.3.0";visibility:=reexport Low Product jar package name plugin Highest Product Manifest build-jdk-spec 11 Low Product jar package name platform Highest Product Manifest Bundle-Name %pluginName Medium Product pom artifactid eclipse.core.runtime Highest Product pom organization url http://www.eclipse.org/ Low Version pom version 3.19.0 Highest Version file version 3.19.0 High
org.eclipse.equinox.app-1.5.0.jarDescription:
Equinox Application Container License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.equinox.app\1.5.0\org.eclipse.equinox.app-1.5.0.jar
MD5: 353fbb9366f161fd4f7e28827385b3b4
SHA1: f8bcdacfcb3dde74fe18ca99d036a61255c41593
SHA256: 2ea56e8f90a9b817781e0f957a26512495ca20eef5fec2631f487f895545bd79
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest automatic-module-name org.eclipse.equinox.app Medium Vendor jar package name app Highest Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest comment-dynamicimport this is only used to allow late binding of the package Low Vendor Manifest eclipse-lazystart true Low Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor jar package name application Highest Vendor pom name Equinox Application Container High Vendor jar package name equinox Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor Manifest require-bundle org.eclipse.equinox.registry;bundle-version="[3.4.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)" Low Vendor pom artifactid eclipse.equinox.app Low Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-symbolicname org.eclipse.equinox.app; singleton:=true Medium Vendor file name org.eclipse.equinox.app High Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Product Manifest automatic-module-name org.eclipse.equinox.app Medium Product jar package name app Highest Product pom organization name Eclipse Foundation Low Product pom artifactid org.eclipse.equinox.app Highest Product Manifest comment-dynamicimport this is only used to allow late binding of the package Low Product Manifest eclipse-lazystart true Low Product jar package name eclipse Highest Product jar package name application Highest Product pom name Equinox Application Container High Product jar package name equinox Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product Manifest require-bundle org.eclipse.equinox.registry;bundle-version="[3.4.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)" Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-symbolicname org.eclipse.equinox.app; singleton:=true Medium Product file name org.eclipse.equinox.app High Product pom artifactid eclipse.equinox.app Highest Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Version file version 1.5.0 High Version pom version 1.5.0 Highest
org.eclipse.equinox.common-3.13.0.jarDescription:
Common Eclipse Runtime License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.equinox.common\3.13.0\org.eclipse.equinox.common-3.13.0.jar
MD5: 59e1317b4792d3a75d971ef18395b80a
SHA1: cf3f518be2da5be643fc66d8a3cd96956741eeb0
SHA256: eee0463ec7908633e192f0bde8009fbc4425f2b7156ce738bb354795f77a1010
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid eclipse.equinox.common Low Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest eclipse-lazystart true Low Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor Manifest automatic-module-name org.eclipse.equinox.common Medium Vendor pom name Common Eclipse Runtime High Vendor file name org.eclipse.equinox.common High Vendor jar package name runtime Highest Vendor jar package name equinox Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor Manifest bundle-symbolicname org.eclipse.equinox.common; singleton:=true Medium Product pom organization name Eclipse Foundation Low Product pom artifactid eclipse.equinox.common Highest Product Manifest eclipse-lazystart true Low Product jar package name eclipse Highest Product Manifest automatic-module-name org.eclipse.equinox.common Medium Product pom name Common Eclipse Runtime High Product file name org.eclipse.equinox.common High Product jar package name runtime Highest Product pom artifactid org.eclipse.equinox.common Highest Product jar package name equinox Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest build-jdk-spec 11 Low Product Manifest bundle-symbolicname org.eclipse.equinox.common; singleton:=true Medium Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Version pom version 3.13.0 Highest Version file version 3.13.0 High
org.eclipse.equinox.preferences-3.8.0.jarDescription:
Eclipse Preferences Mechanism License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.equinox.preferences\3.8.0\org.eclipse.equinox.preferences-3.8.0.jar
MD5: 5958ab165fe9853a15d4b9fa50f55aef
SHA1: c4514529bf6f64fdeaacd3d5417b563e9377e09f
SHA256: d42f0747a4b6d282200ed77adfb8d8f2927120c136efd64d063730eb9fb10d9d
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest eclipse-lazystart true; exceptions="org.eclipse.core.internal.preferences.exchange" Low Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest bundle-symbolicname org.eclipse.equinox.preferences; singleton:=true Medium Vendor pom artifactid eclipse.equinox.preferences Low Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor file name org.eclipse.equinox.preferences High Vendor jar package name preferences Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)";resolution:=optional Low Vendor Manifest bundle-activationpolicy lazy; exclude:="org.eclipse.core.internal.preferences.exchange" Low Vendor Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor pom url http://www.eclipse.org/platform Highest Vendor Manifest automatic-module-name org.eclipse.equinox.preferences Medium Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor pom name Eclipse Preferences Mechanism High Product Manifest eclipse-lazystart true; exceptions="org.eclipse.core.internal.preferences.exchange" Low Product pom organization name Eclipse Foundation Low Product Manifest bundle-symbolicname org.eclipse.equinox.preferences; singleton:=true Medium Product jar package name eclipse Highest Product file name org.eclipse.equinox.preferences High Product jar package name preferences Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.2.0,4.0.0)",org.eclipse.equinox.registry;bundle-version="[3.2.0,4.0.0)";resolution:=optional Low Product Manifest bundle-activationpolicy lazy; exclude:="org.eclipse.core.internal.preferences.exchange" Low Product pom artifactid org.eclipse.equinox.preferences Highest Product Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product pom artifactid eclipse.equinox.preferences Highest Product Manifest automatic-module-name org.eclipse.equinox.preferences Medium Product Manifest build-jdk-spec 11 Low Product pom name Eclipse Preferences Mechanism High Product jar package name internal Highest Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Version file version 3.8.0 High Version pom version 3.8.0 Highest
org.eclipse.equinox.registry-3.9.0.jarDescription:
Extension Registry Support License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.equinox.registry\3.9.0\org.eclipse.equinox.registry-3.9.0.jar
MD5: 3de321467737b0586a86d7de310e065a
SHA1: eaa2e9c62d8b2eb064bf1cbea0f71114cbb2d3b3
SHA256: cd1b4864579ab8ec67c8e6ea647a08e089721512a736a6720ddda4970be4f6db
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Extension Registry Support High Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest eclipse-lazystart true Low Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor Manifest bundle-symbolicname org.eclipse.equinox.registry;singleton:=true Medium Vendor Manifest eclipse-extensibleapi true Low Vendor pom artifactid eclipse.equinox.registry Low Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest automatic-module-name org.eclipse.equinox.registry Medium Vendor Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor file name org.eclipse.equinox.registry High Vendor pom url http://www.eclipse.org/platform Highest Vendor jar package name registry Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.13.0,4.0.0)" Low Product pom name Extension Registry Support High Product pom organization name Eclipse Foundation Low Product Manifest eclipse-lazystart true Low Product jar package name eclipse Highest Product Manifest bundle-symbolicname org.eclipse.equinox.registry;singleton:=true Medium Product Manifest eclipse-extensibleapi true Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest automatic-module-name org.eclipse.equinox.registry Medium Product Manifest comment-header Both Eclipse-LazyStart and Bundle-ActivationPolicy are specified for compatibility with 3.2 Low Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product pom artifactid eclipse.equinox.registry Highest Product file name org.eclipse.equinox.registry High Product jar package name registry Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest build-jdk-spec 11 Low Product pom artifactid org.eclipse.equinox.registry Highest Product Manifest Bundle-Name %pluginName Medium Product Manifest require-bundle org.eclipse.equinox.common;bundle-version="[3.13.0,4.0.0)" Low Product pom organization url http://www.eclipse.org/ Low Version file version 3.9.0 High Version pom version 3.9.0 Highest
org.eclipse.jdt.core-3.23.0.jarDescription:
Java Development Tools Core License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jdt\org.eclipse.jdt.core\3.23.0\org.eclipse.jdt.core-3.23.0.jar
MD5: f18a1a14343626e50f723cd8ef7bebd5
SHA1: 7d5093b9e300299872feb5b5d7db9e2b621643ff
SHA256: b1fec3e59a0c09c5e2b22a67737a54162b6117f1500378b26be490816c3443c2
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom organization url http://www.eclipse.org/ Medium Vendor pom groupid eclipse.jdt Highest Vendor jar package name eclipse Highest Vendor Manifest bundle-symbolicname org.eclipse.jdt.core; singleton:=true Medium Vendor pom artifactid eclipse.jdt.core Low Vendor pom url http://www.eclipse.org/jdt Highest Vendor pom groupid org.eclipse.jdt Highest Vendor jar package name jdt Highest Vendor Manifest eclipse-extensibleapi true Low Vendor jar package name core Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor Manifest automatic-module-name org.eclipse.jdt.core Medium Vendor Manifest bundle-activationpolicy lazy Low Vendor pom name Java Development Tools Core High Vendor file name org.eclipse.jdt.core High Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor Manifest require-bundle org.eclipse.core.resources;bundle-version="[3.12.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.13.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.7.0,2.0.0)",org.eclipse.text;bundle-version="[3.6.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.1.0,4.0.0)";resolution:=optional Low Product pom organization name Eclipse Foundation Low Product pom groupid eclipse.jdt Highest Product jar package name eclipse Highest Product Manifest bundle-symbolicname org.eclipse.jdt.core; singleton:=true Medium Product jar package name jdt Highest Product Manifest eclipse-extensibleapi true Low Product pom artifactid eclipse.jdt.core Highest Product jar package name core Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest bundle-localization plugin Low Product Manifest automatic-module-name org.eclipse.jdt.core Medium Product Manifest bundle-activationpolicy lazy Low Product pom name Java Development Tools Core High Product file name org.eclipse.jdt.core High Product Manifest build-jdk-spec 11 Low Product Manifest require-bundle org.eclipse.core.resources;bundle-version="[3.12.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.13.0,4.0.0)",org.eclipse.core.filesystem;bundle-version="[1.7.0,2.0.0)",org.eclipse.text;bundle-version="[3.6.0,4.0.0)",org.eclipse.team.core;bundle-version="[3.1.0,4.0.0)";resolution:=optional Low Product Manifest Bundle-Name %pluginName Medium Product pom url http://www.eclipse.org/jdt Medium Product pom artifactid org.eclipse.jdt.core Highest Product pom organization url http://www.eclipse.org/ Low Version pom version 3.23.0 Highest Version file version 3.23.0 High
org.eclipse.jdt.core-3.23.0.jar: jdtCompilerAdapter.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jdt\org.eclipse.jdt.core\3.23.0\org.eclipse.jdt.core-3.23.0.jar\jdtCompilerAdapter.jarMD5: 6df7b80c3f6bd308e4209f404f61ac0fSHA1: d92f1db85d691e3bbb053d21ca57503b960bd216SHA256: 88758ac12282d6ac76298e8a2744c1d245b7f5810f026f45262f555a6d928fc8Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name jdt Low Vendor jar package name eclipse Low Vendor file name jdtCompilerAdapter High Vendor jar package name core Low Product jar package name jdt Low Product file name jdtCompilerAdapter High Product jar package name core Low
org.eclipse.jgit-4.5.0.201609210915-r.jarDescription:
Repository access and algorithms
File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\jgit\org.eclipse.jgit\4.5.0.201609210915-r\org.eclipse.jgit-4.5.0.201609210915-r.jarMD5: 254d01804dba0928b017928e71cadf05SHA1: 3e3d0b73dcf4ad649f37758ea8502d92f3d299deSHA256: e6739bf218062dd09c17d637e2ac7a98435e29e47100b38b1f2d926383f6cee4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.eclipse.jgit Medium Vendor pom parent-groupid org.eclipse.jgit Medium Vendor Manifest implementation-vendor-url http://www.eclipse.org/jgit/ Medium Vendor pom groupid org.eclipse.jgit Highest Vendor jar package name eclipse Highest Vendor Manifest Implementation-Vendor Eclipse.org - JGit High Vendor file name org.eclipse.jgit High Vendor Manifest bundle-localization plugin Low Vendor jar package name repository Highest Vendor pom name JGit - Core High Vendor jar package name jgit Highest Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest Implementation-Vendor-Id org.eclipse.jgit Medium Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Vendor jar package name http Highest Vendor pom parent-artifactid org.eclipse.jgit-parent Low Vendor pom artifactid eclipse.jgit Low Vendor pom groupid eclipse.jgit Highest Product Manifest bundle-symbolicname org.eclipse.jgit Medium Product Manifest Bundle-Name %plugin_name Medium Product pom parent-groupid org.eclipse.jgit Medium Product pom artifactid eclipse.jgit Highest Product Manifest Implementation-Title JGit org.eclipse.jgit High Product jar package name eclipse Highest Product pom artifactid org.eclipse.jgit Highest Product file name org.eclipse.jgit High Product Manifest bundle-localization plugin Low Product jar package name repository Highest Product pom name JGit - Core High Product jar package name jgit Highest Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-requiredexecutionenvironment JavaSE-1.7 Low Product pom parent-artifactid org.eclipse.jgit-parent Medium Product pom groupid eclipse.jgit Highest Version pom version 4.5.0.201609210915-r Highest Version Manifest Implementation-Version 4.5.0.201609210915-r High Version Manifest Bundle-Version 4.5.0.201609210915-r High
org.eclipse.osgi-3.16.0.jarDescription:
OSGi System Bundle
%systemBundle License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.osgi\3.16.0\org.eclipse.osgi-3.16.0.jar
MD5: 94fb6edbe9c6fedd598e53832e33f079
SHA1: 9449134155362d8dfbada5e89939ecf6d1092e64
SHA256: f97bb05c1683dc0862f3f1a9ff63788eec77882c4149c8a583f99ae4b0aa739f
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest require-capability osgi.ee; filter:="(| (&(osgi.ee=JavaSE)(version=1.8)) (&(osgi.ee=JavaSE/compact1)(version=1.8)) )" Low Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest bundle-copyright %copyright Low Vendor Manifest bundle-docurl http://www.eclipse.org Low Vendor Manifest eclipse-bundleshape jar Low Vendor jar package name bundle Highest Vendor jar package name osgi Highest Vendor Manifest automatic-module-name org.eclipse.osgi Medium Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor Manifest eclipse-systembundle true Low Vendor Manifest eclipse-extensibleapi true Low Vendor pom artifactid eclipse.osgi Low Vendor Manifest bundle-localization systembundle Low Vendor Manifest bundle-symbolicname org.eclipse.osgi; singleton:=true Medium Vendor pom groupid eclipse.platform Highest Vendor pom url http://www.eclipse.org/platform Highest Vendor pom name OSGi System Bundle High Vendor Manifest provide-capability osgi.service; objectClass:List="org.osgi.service.log.LogReaderService,org.eclipse.equinox.log.ExtendedLogReaderService"; uses:="org.osgi.service.log",osgi.service; objectClass:List="org.osgi.service.log.LoggerFactory,org.osgi.service.log.LogService,org.eclipse.equinox.log.ExtendedLogService"; uses:="org.osgi.service.log",osgi.service; objectClass:List="org.osgi.service.log.admin.LoggerAdmin"; uses:="org.osgi.service.log.admin",osgi.service; objectClass:List="org.eclipse.osgi.framework.log.FrameworkLog"; uses:="",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.user.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.instance.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.configuration.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.install.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="eclipse.home.location"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.environment.EnvironmentInfo"; uses:="org.eclipse.osgi.service.environment",osgi.service; objectClass:List="org.osgi.service.packageadmin.PackageAdmin"; uses:="org.osgi.service.packageadmin",osgi.service; objectClass:List="org.osgi.service.startlevel.StartLevel"; uses:="org.osgi.service.startlevel",osgi.service; objectClass:List="org.osgi.service.permissionadmin.PermissionAdmin"; uses:="org.osgi.service.permissionadmin",osgi.service; objectClass:List="org.osgi.service.condpermadmin.ConditionalPermissionAdmin"; uses:="org.osgi.service.condpermadmin",osgi.service; objectClass:List="org.osgi.service.resolver.Resolver"; uses:="org.osgi.service.resolver",osgi.service; objectClass:List="org.eclipse.osgi.service.debug.DebugOptions"; uses:="org.eclipse.osgi.service.debug",osgi.service; objectClass:List="org.eclipse.osgi.service.urlconversion.URLConverter"; uses:="org.eclipse.osgi.service.urlconversion",osgi.service; objectClass:List="org.eclipse.osgi.service.localization.BundleLocalization"; uses:="org.eclipse.osgi.service.localization",osgi.service; objectClass:List="org.eclipse.osgi.service.security.TrustEngine"; uses:="org.eclipse.osgi.service.security",osgi.service; objectClass:List="org.eclipse.osgi.signedcontent.SignedContentFactory"; uses:="org.eclipse.osgi.signedcontent" Low Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Vendor file name org.eclipse.osgi High Product Manifest bundle-copyright %copyright Low Product pom artifactid eclipse.osgi Highest Product jar package name osgi Highest Product jar package name loggerfactory Highest Product jar package name signedcontent Highest Product jar package name log Highest Product jar package name admin Highest Product pom name OSGi System Bundle High Product jar package name logreaderservice Highest Product jar package name framework Highest Product Manifest build-jdk-spec 11 Low Product pom organization url http://www.eclipse.org/ Low Product jar package name conditionalpermissionadmin Highest Product Manifest eclipse-bundleshape jar Low Product jar package name bundle Highest Product jar package name condpermadmin Highest Product Manifest eclipse-systembundle true Low Product jar package name extendedlogreaderservice Highest Product pom url http://www.eclipse.org/platform Medium Product jar package name localization Highest Product jar package name service Highest Product pom organization name Eclipse Foundation Low Product jar package name packageadmin Highest Product jar package name startlevel Highest Product jar package name logservice Highest Product jar package name security Highest Product pom artifactid org.eclipse.osgi Highest Product Manifest eclipse-extensibleapi true Low Product jar package name equinox Highest Product Manifest Bundle-Name %systemBundle Medium Product Manifest provide-capability osgi.service; objectClass:List="org.osgi.service.log.LogReaderService,org.eclipse.equinox.log.ExtendedLogReaderService"; uses:="org.osgi.service.log",osgi.service; objectClass:List="org.osgi.service.log.LoggerFactory,org.osgi.service.log.LogService,org.eclipse.equinox.log.ExtendedLogService"; uses:="org.osgi.service.log",osgi.service; objectClass:List="org.osgi.service.log.admin.LoggerAdmin"; uses:="org.osgi.service.log.admin",osgi.service; objectClass:List="org.eclipse.osgi.framework.log.FrameworkLog"; uses:="",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.user.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.instance.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.configuration.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="osgi.install.area"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.datalocation.Location"; type="eclipse.home.location"; uses:="org.eclipse.osgi.service.datalocation",osgi.service; objectClass:List="org.eclipse.osgi.service.environment.EnvironmentInfo"; uses:="org.eclipse.osgi.service.environment",osgi.service; objectClass:List="org.osgi.service.packageadmin.PackageAdmin"; uses:="org.osgi.service.packageadmin",osgi.service; objectClass:List="org.osgi.service.startlevel.StartLevel"; uses:="org.osgi.service.startlevel",osgi.service; objectClass:List="org.osgi.service.permissionadmin.PermissionAdmin"; uses:="org.osgi.service.permissionadmin",osgi.service; objectClass:List="org.osgi.service.condpermadmin.ConditionalPermissionAdmin"; uses:="org.osgi.service.condpermadmin",osgi.service; objectClass:List="org.osgi.service.resolver.Resolver"; uses:="org.osgi.service.resolver",osgi.service; objectClass:List="org.eclipse.osgi.service.debug.DebugOptions"; uses:="org.eclipse.osgi.service.debug",osgi.service; objectClass:List="org.eclipse.osgi.service.urlconversion.URLConverter"; uses:="org.eclipse.osgi.service.urlconversion",osgi.service; objectClass:List="org.eclipse.osgi.service.localization.BundleLocalization"; uses:="org.eclipse.osgi.service.localization",osgi.service; objectClass:List="org.eclipse.osgi.service.security.TrustEngine"; uses:="org.eclipse.osgi.service.security",osgi.service; objectClass:List="org.eclipse.osgi.signedcontent.SignedContentFactory"; uses:="org.eclipse.osgi.signedcontent" Low Product jar package name filter Highest Product jar package name debug Highest Product file name org.eclipse.osgi High Product jar package name signedcontentfactory Highest Product Manifest require-capability osgi.ee; filter:="(| (&(osgi.ee=JavaSE)(version=1.8)) (&(osgi.ee=JavaSE/compact1)(version=1.8)) )" Low Product Manifest bundle-docurl http://www.eclipse.org Low Product jar package name extendedlogservice Highest Product Manifest automatic-module-name org.eclipse.osgi Medium Product jar package name eclipse Highest Product jar package name permissionadmin Highest Product jar package name resolver Highest Product jar package name environment Highest Product jar package name datalocation Highest Product jar package name urlconversion Highest Product Manifest bundle-localization systembundle Low Product Manifest bundle-symbolicname org.eclipse.osgi; singleton:=true Medium Product jar package name version Highest Product pom groupid eclipse.platform Highest Version pom version 3.16.0 Highest Version file version 3.16.0 High
org.eclipse.sisu.inject-0.0.0.M2a.jarLicense:
http://www.eclipse.org/legal/epl-v10.html File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\sisu\org.eclipse.sisu.inject\0.0.0.M2a\org.eclipse.sisu.inject-0.0.0.M2a.jar
MD5: 6112d58a332b93e86b63aacc66200477
SHA1: 17941e32c751179a9628b25f54ce5641edafb9be
SHA256: 3e745c61748a4780839cbc6c0b10854abae3be26f3cf283a00bc002d2ed98bd1
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid sisu-inject Low Vendor Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Vendor file name org.eclipse.sisu.inject High Vendor pom parent-groupid org.eclipse.sisu Medium Vendor pom groupid org.eclipse.sisu Highest Vendor pom artifactid eclipse.sisu.inject Low Vendor jar package name eclipse Highest Vendor pom groupid eclipse.sisu Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.6,J2SE-1.5 Low Vendor Manifest bundle-activationpolicy lazy Low Vendor Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Vendor jar package name inject Highest Vendor Manifest bundle-copyright Copyright (c) 2010, 2012 Sonatype, Inc. and others Low Vendor jar package name sisu Highest Product Manifest Bundle-Name Sisu-Inject Medium Product Manifest bundle-symbolicname org.eclipse.sisu.inject;singleton:=true Medium Product file name org.eclipse.sisu.inject High Product pom parent-groupid org.eclipse.sisu Medium Product jar package name eclipse Highest Product pom groupid eclipse.sisu Highest Product pom parent-artifactid sisu-inject Medium Product pom artifactid eclipse.sisu.inject Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.6,J2SE-1.5 Low Product Manifest bundle-activationpolicy lazy Low Product Manifest bundle-docurl http://www.eclipse.org/sisu/ Low Product pom artifactid org.eclipse.sisu.inject Highest Product jar package name inject Highest Product jar package name sisu Highest Product Manifest bundle-copyright Copyright (c) 2010, 2012 Sonatype, Inc. and others Low Version pom version 0.0.0.M2a Highest Version Manifest Bundle-Version 0.0.0.M2a High
org.eclipse.sisu.plexus-0.0.0.M2a.jarFile Path: C:\Users\Jeremy\.m2\repository\org\eclipse\sisu\org.eclipse.sisu.plexus\0.0.0.M2a\org.eclipse.sisu.plexus-0.0.0.M2a.jarMD5: ad12584ce30edeacab4a6c32f4afd9b9SHA1: 07510dc8dfe27a0b57c17601bc760b7b0c8f95faSHA256: 03df90434ddf1851924dd9ba4d5f22aff7b134265fe9c7ecdb59d9b1dc3c1987Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid eclipse.sisu Highest Vendor pom parent-artifactid sisu-plexus Low Vendor jar package name plexus Highest Vendor pom parent-groupid org.eclipse.sisu Medium Vendor pom artifactid eclipse.sisu.plexus Low Vendor pom groupid org.eclipse.sisu Highest Vendor file name org.eclipse.sisu.plexus High Vendor jar package name eclipse Highest Vendor jar package name codehaus Low Vendor jar package name plexus Low Vendor jar package name sisu Highest Product pom groupid eclipse.sisu Highest Product pom artifactid eclipse.sisu.plexus Highest Product jar package name plexus Highest Product pom parent-groupid org.eclipse.sisu Medium Product file name org.eclipse.sisu.plexus High Product jar package name eclipse Highest Product jar package name plexus Low Product pom artifactid org.eclipse.sisu.plexus Highest Product jar package name sisu Highest Product pom parent-artifactid sisu-plexus Medium Version pom version 0.0.0.M2a Highest
org.eclipse.text-3.10.300.jarDescription:
Text License:
Eclipse Public License - v 2.0: https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\eclipse\platform\org.eclipse.text\3.10.300\org.eclipse.text-3.10.300.jar
MD5: c361983d805c07e412d0377055ae37e6
SHA1: dbb56729771b4e25cefb27e42da7d9d219d56874
SHA256: 07ae4150685290947438460e0ebc838b09bf7a40ac8ca60b9e570f9e7b0cb472
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom organization url http://www.eclipse.org/ Medium Vendor Manifest require-bundle org.eclipse.core.commands;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.preferences;bundle-version="[3.7.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.14.0,4.0.0)" Low Vendor pom artifactid eclipse.text Low Vendor Manifest automatic-module-name org.eclipse.text Medium Vendor pom groupid org.eclipse.platform Highest Vendor jar package name eclipse Highest Vendor jar package name text Highest Vendor pom name Text High Vendor Manifest bundle-symbolicname org.eclipse.text Medium Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor Manifest bundle-localization plugin Low Vendor pom groupid eclipse.platform Highest Vendor pom url http://www.eclipse.org/platform Highest Vendor file name org.eclipse.text High Vendor Manifest build-jdk-spec 11 Low Vendor pom organization name Eclipse Foundation High Product pom organization name Eclipse Foundation Low Product Manifest require-bundle org.eclipse.core.commands;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.common;bundle-version="[3.5.0,4.0.0)",org.eclipse.equinox.preferences;bundle-version="[3.7.0,4.0.0)",org.eclipse.core.runtime;bundle-version="[3.14.0,4.0.0)" Low Product pom artifactid org.eclipse.text Highest Product Manifest automatic-module-name org.eclipse.text Medium Product pom artifactid eclipse.text Highest Product jar package name eclipse Highest Product jar package name text Highest Product pom name Text High Product Manifest bundle-symbolicname org.eclipse.text Medium Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product pom url http://www.eclipse.org/platform Medium Product Manifest bundle-localization plugin Low Product pom groupid eclipse.platform Highest Product file name org.eclipse.text High Product Manifest build-jdk-spec 11 Low Product Manifest Bundle-Name %pluginName Medium Product pom organization url http://www.eclipse.org/ Low Version file version 3.10.300 High Version pom version 3.10.300 Highest
org.jacoco.agent-0.8.6-runtime.jarFile Path: C:\Users\Jeremy\.m2\repository\org\jacoco\org.jacoco.agent\0.8.6\org.jacoco.agent-0.8.6-runtime.jarMD5: 70d661da6d88e2c135243ee40ec564caSHA1: dc49f68f604f21737a58cf405623e36183228c46SHA256: 7050e4de4063468127b5216b05457493658444994ee018585c97331570d55bf5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.jacoco Highest Vendor jar package name jacoco Highest Vendor jar package name agent Highest Vendor jar package name rt Low Vendor jar package name agent Low Vendor file name org.jacoco.agent High Vendor Manifest automatic-module-name org.jacoco.agent.rt Medium Vendor jar package name jacoco Low Vendor jar package name rt Highest Vendor Manifest Implementation-Vendor Mountainminds GmbH & Co. KG High Product jar package name jacoco Highest Product jar package name agent Highest Product jar package name rt Low Product jar package name agent Low Product file name org.jacoco.agent High Product Manifest automatic-module-name org.jacoco.agent.rt Medium Product pom artifactid org.jacoco.agent Highest Product jar package name internal_f3994fa Low Product Manifest Implementation-Title JaCoCo Java Agent High Product jar package name rt Highest Version Manifest Implementation-Version 0.8.6 High Version pom version 0.8.6 Highest Version file version 0.8.6 High
org.jacoco.agent-0.8.6-runtime.jar (shaded: org.jacoco:org.jacoco.agent.rt:0.8.6)Description:
JaCoCo Java Agent File Path: C:\Users\Jeremy\.m2\repository\org\jacoco\org.jacoco.agent\0.8.6\org.jacoco.agent-0.8.6-runtime.jar\META-INF/maven/org.jacoco/org.jacoco.agent.rt/pom.xmlMD5: 8e5e435d194bce1997e1ecfba0966d81SHA1: d315d73c27d136d6d245ba3fb2aec463e300ec77SHA256: 31bb8a2044199d17384d817f84cf371a38621282c959c5cbbdfc71ca145e272fReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.jacoco Medium Vendor pom groupid jacoco Highest Vendor pom name JaCoCo :: Agent RT High Vendor pom parent-artifactid org.jacoco.build Low Vendor pom artifactid jacoco.agent.rt Low Product pom parent-groupid org.jacoco Medium Product pom groupid jacoco Highest Product pom artifactid jacoco.agent.rt Highest Product pom name JaCoCo :: Agent RT High Product pom parent-artifactid org.jacoco.build Medium Version pom version 0.8.6 Highest
org.jacoco.core-0.8.6.jarDescription:
JaCoCo Core License:
https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\jacoco\org.jacoco.core\0.8.6\org.jacoco.core-0.8.6.jar
MD5: 470993c1f2c35de9209ebf9831fc5e72
SHA1: 8c20544d06b8a54de1a585e4fcd0b101c0b433d9
SHA256: 964bcb63bc01fa76ab70e33afbf69975fb22ecf73e37b94b4f733b35eb31b6ff
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid jacoco.core Low Vendor pom groupid org.jacoco Highest Vendor jar package name jacoco Highest Vendor pom parent-groupid org.jacoco Medium Vendor Manifest bundle-symbolicname org.jacoco.core Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor Manifest automatic-module-name org.jacoco.core Medium Vendor jar package name core Highest Vendor pom groupid jacoco Highest Vendor pom name JaCoCo :: Core High Vendor pom parent-artifactid org.jacoco.build Low Vendor file name org.jacoco.core High Product jar package name jacoco Highest Product pom parent-groupid org.jacoco Medium Product Manifest bundle-symbolicname org.jacoco.core Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product Manifest automatic-module-name org.jacoco.core Medium Product Manifest Bundle-Name JaCoCo Core Medium Product jar package name core Highest Product pom groupid jacoco Highest Product pom name JaCoCo :: Core High Product pom artifactid org.jacoco.core Highest Product pom parent-artifactid org.jacoco.build Medium Product pom artifactid jacoco.core Highest Product file name org.jacoco.core High Version pom version 0.8.6 Highest Version file version 0.8.6 High
org.jacoco.report-0.8.6.jarDescription:
JaCoCo Report License:
https://www.eclipse.org/legal/epl-2.0/ File Path: C:\Users\Jeremy\.m2\repository\org\jacoco\org.jacoco.report\0.8.6\org.jacoco.report-0.8.6.jar
MD5: 6e66e2cdff52c8394bd295f48de30fd8
SHA1: 0547074a71e8bf82651a0fb95ce3724efde8c6a4
SHA256: 5655d39a287f50a7d1992ce0fd41143a3c3cfa97c6f84670dfdfa9b29da11da9
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.jacoco Highest Vendor jar package name jacoco Highest Vendor pom parent-groupid org.jacoco Medium Vendor Manifest bundle-symbolicname org.jacoco.report Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor Manifest automatic-module-name org.jacoco.report Medium Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor pom name JaCoCo :: Report High Vendor pom groupid jacoco Highest Vendor jar package name report Highest Vendor file name org.jacoco.report High Vendor pom artifactid jacoco.report Low Vendor pom parent-artifactid org.jacoco.build Low Product jar package name jacoco Highest Product pom parent-groupid org.jacoco Medium Product Manifest bundle-symbolicname org.jacoco.report Medium Product Manifest Bundle-Name JaCoCo Report Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product Manifest automatic-module-name org.jacoco.report Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom name JaCoCo :: Report High Product pom artifactid jacoco.report Highest Product pom groupid jacoco Highest Product pom artifactid org.jacoco.report Highest Product jar package name report Highest Product file name org.jacoco.report High Product pom parent-artifactid org.jacoco.build Medium Version pom version 0.8.6 Highest Version file version 0.8.6 High
org.jacoco.report-0.8.6.jar: prettify.jsFile Path: C:\Users\Jeremy\.m2\repository\org\jacoco\org.jacoco.report\0.8.6\org.jacoco.report-0.8.6.jar\org\jacoco\report\internal\html\resources\prettify.jsMD5: 4b337aaa3c606cfc1a6ff1986db2c8cbSHA1: 290093755739da933c180ae7e7ebf283724dad1dSHA256: 743c6c4cab9499cd0bfe18a5a62281eccce843f47ec75eedb32eeb29c755aa68Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
org.jacoco.report-0.8.6.jar: sort.jsFile Path: C:\Users\Jeremy\.m2\repository\org\jacoco\org.jacoco.report\0.8.6\org.jacoco.report-0.8.6.jar\org\jacoco\report\internal\html\resources\sort.jsMD5: 727f663502fd1d85787ea703506b651eSHA1: cca2b01454d6bc3cd5083552e138e991b8fe8e35SHA256: 3fd8dc27e9e0714d2dca4e1a16d775fefee2677962d968f36e05fc74b83a95cdReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
oro-2.0.8.jarFile Path: C:\Users\Jeremy\.m2\repository\oro\oro\2.0.8\oro-2.0.8.jarMD5: 42e940d5d2d822f4dc04c65053e630abSHA1: 5592374f834645c4ae250f4c9fbb314c9369d698SHA256: e00ccdad5df7eb43fdee44232ef64602bf63807c2d133a7be83ba09fd49af26eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name apache Highest Vendor manifest: org/apache/oro Implementation-Vendor Apache Software Foundation Medium Vendor pom groupid oro Highest Vendor pom artifactid oro Low Vendor jar package name oro Highest Vendor file name oro High Product jar package name apache Highest Product pom groupid oro Highest Product manifest: org/apache/oro Implementation-Title org.apache.oro Medium Product pom artifactid oro Highest Product jar package name oro Highest Product file name oro High Product manifest: org/apache/oro Specification-Title Jakarta ORO Medium Version pom version 2.0.8 Highest Version file version 2.0.8 High
pfl-basic-4.1.0.jarDescription:
Basic functions License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\pfl\pfl-basic\4.1.0\pfl-basic-4.1.0.jar
MD5: 48f0c5a0c0d064f37d82f96781871d4a
SHA1: 4088e61ee9cdaa7f5b1bb62d2ac7c93e114f45d5
SHA256: 6b9be9addaf18a574557a4d9905d83c7d12c92703a5e2995ba345ce840c732fe
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.glassfish.pfl Highest Vendor pom name PFL Basic High Vendor jar package name org Highest Vendor pom parent-groupid org.glassfish.pfl Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor pom groupid glassfish.pfl Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name basic Highest Vendor Manifest multi-release true Low Vendor Manifest bundle-symbolicname org.glassfish.pfl.pfl-basic Medium Vendor jar package name glassfish Highest Vendor pom parent-artifactid pfl Low Vendor jar package name pfl Highest Vendor pom artifactid pfl-basic Low Vendor file name pfl-basic High Product pom parent-artifactid pfl Medium Product pom name PFL Basic High Product jar package name org Highest Product pom parent-groupid org.glassfish.pfl Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest Bundle-Name PFL Basic Medium Product pom groupid glassfish.pfl Highest Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name basic Highest Product Manifest multi-release true Low Product Manifest bundle-symbolicname org.glassfish.pfl.pfl-basic Medium Product jar package name glassfish Highest Product pom artifactid pfl-basic Highest Product jar package name pfl Highest Product file name pfl-basic High Version Manifest Bundle-Version 4.1.0 High Version pom version 4.1.0 Highest Version file version 4.1.0 High
pfl-tf-4.1.0.jarDescription:
GMBAL- Java EE Primative Function Library License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\glassfish\pfl\pfl-tf\4.1.0\pfl-tf-4.1.0.jar
MD5: 86978b6b159f43a6b6564063817b5f46
SHA1: a4c43707fccbb7124ef8446b08cf44f67ef49123
SHA256: 973048449d4963d63c960de0300e1ac775c76bd04fd05f49233f9f8a6d995bb6
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.glassfish.pfl.pfl-tf Medium Vendor pom groupid org.glassfish.pfl Highest Vendor pom parent-groupid org.glassfish.pfl Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor pom groupid glassfish.pfl Highest Vendor file name pfl-tf High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name glassfish Highest Vendor pom artifactid pfl-tf Low Vendor pom parent-artifactid pfl Low Vendor jar package name pfl Highest Vendor pom name PFL TF High Vendor jar package name tf Highest Product Manifest Bundle-Name PFL TF Medium Product Manifest bundle-symbolicname org.glassfish.pfl.pfl-tf Medium Product pom parent-artifactid pfl Medium Product pom parent-groupid org.glassfish.pfl Medium Product Manifest bundle-docurl https://www.eclipse.org Low Product pom groupid glassfish.pfl Highest Product file name pfl-tf High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name glassfish Highest Product jar package name pfl Highest Product pom artifactid pfl-tf Highest Product pom name PFL TF High Product jar package name tf Highest Version Manifest Bundle-Version 4.1.0 High Version pom version 4.1.0 Highest Version file version 4.1.0 High
picocli-4.1.4.jarDescription:
Java command line parser with both an annotations API and a programmatic API. Usage help with ANSI styles and colors. Autocomplete. Nested subcommands. Easily included as source to avoid adding a dependency. License:
The Apache Software License, version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\info\picocli\picocli\4.1.4\picocli-4.1.4.jar
MD5: 28605e00382694eb4944d5edb340cb5b
SHA1: e9ac7856611815391f85ac66c8ceadacb51250b5
SHA256: 4649b93987327cbd4abb44bd24870ff49e3f8faf2fd5c32c0ade28ec9c213687
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor Remko Popma High Vendor Manifest specification-vendor Remko Popma Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Vendor Manifest bundle-symbolicname picocli Medium Vendor pom artifactid picocli Low Vendor pom groupid info.picocli Highest Vendor Manifest multi-release true Low Vendor jar package name autocomplete Highest Vendor file name picocli High Vendor jar package name picocli Highest Vendor pom url http://picocli.info Highest Vendor pom name picocli - a mighty tiny Command Line Interface High Product pom url http://picocli.info Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.5))" Low Product Manifest bundle-symbolicname picocli Medium Product Manifest Implementation-Title picocli High Product Manifest specification-title picocli Medium Product pom groupid info.picocli Highest Product Manifest multi-release true Low Product jar package name autocomplete Highest Product file name picocli High Product jar package name picocli Highest Product pom artifactid picocli Highest Product Manifest Bundle-Name picocli Medium Product pom name picocli - a mighty tiny Command Line Interface High Version Manifest Implementation-Version 4.1.4 High Version Manifest Bundle-Version 4.1.4 High Version pom version 4.1.4 Highest Version file version 4.1.4 High
platform-3.5.2.jarDescription:
Java Native Access Platform License:
LGPL, version 2.1: http://creativecommons.org/licenses/LGPL/2.1/ File Path: C:\Users\Jeremy\.m2\repository\net\java\dev\jna\platform\3.5.2\platform-3.5.2.jar
MD5: 43cce16a28f282aba113f262a2a55288
SHA1: beac07d13858ef3697ceeab43897d70aeb5113c9
SHA256: f8e0682aaac407b6e039c66c22f45cfca12ef00038f4a319045037461f19b714
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name jna Low Vendor jar package name sun Low Vendor jar (hint) package name oracle Low Vendor file name platform High Vendor jar package name platform Low Vendor pom url twall/jna Highest Vendor jar package name jna Highest Vendor jar package name platform Highest Vendor pom artifactid platform Low Vendor pom name Java Native Access Platform High Vendor pom groupid net.java.dev.jna Highest Product jar package name jna Low Product pom url twall/jna High Product file name platform High Product jar package name win32 Low Product pom artifactid platform Highest Product jar package name platform Low Product jar package name jna Highest Product jar package name platform Highest Product pom name Java Native Access Platform High Product pom groupid net.java.dev.jna Highest Version pom version 3.5.2 Highest Version file version 3.5.2 High
plexus-archiver-4.2.1.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-archiver\4.2.1\plexus-archiver-4.2.1.jarMD5: 51d59edfd8cdcbfded7087294b070effSHA1: 87ef88f65d61e0deee4403c145a26d2e273d30cfSHA256: c5bb0a59716c337125e8c760f55ebea9a8f7cc30194c54df3d2ae7258a6f9e35Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name plexus-archiver High Vendor pom parent-artifactid plexus Low Vendor pom artifactid plexus-archiver Low Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor jar package name codehaus Highest Vendor pom name Plexus Archiver Component High Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor jar package name archiver Low Vendor pom groupid org.codehaus.plexus Highest Vendor jar package name archiver Highest Vendor jar package name codehaus Low Product file name plexus-archiver High Product jar package name archiver Highest Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name codehaus Highest Product pom name Plexus Archiver Component High Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product pom parent-artifactid plexus Medium Product jar package name archiver Low Product pom artifactid plexus-archiver Highest Version pom parent-version 4.2.1 Low Version file version 4.2.1 High Version pom version 4.2.1 Highest
plexus-build-api-0.0.7.jarFile Path: C:\Users\Jeremy\.m2\repository\org\sonatype\plexus\plexus-build-api\0.0.7\plexus-build-api-0.0.7.jarMD5: 49f0f8c6bdf2687e358870a4fc1559c6SHA1: e6ba5cd4bfd8de00235af936e7f63eb24ed436e6SHA256: 934171640fbd3d2495c50b79b0d9adb11e2c83e65bad157df8fe34bcac0ff798Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.sonatype.plexus Highest Vendor pom groupid sonatype.plexus Highest Vendor file name plexus-build-api High Vendor jar package name plexus Highest Vendor jar package name build Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor jar package name plexus Low Vendor jar package name build Highest Vendor jar package name sonatype Low Vendor pom parent-artifactid spice-parent Low Vendor jar package name sonatype Highest Vendor pom artifactid plexus-build-api Low Product jar package name build Highest Product pom parent-artifactid spice-parent Medium Product pom groupid sonatype.plexus Highest Product file name plexus-build-api High Product jar package name plexus Highest Product jar package name sonatype Highest Product jar package name build Low Product pom parent-groupid org.sonatype.spice Medium Product jar package name plexus Low Product jar package name incremental Low Product pom artifactid plexus-build-api Highest Version file version 0.0.7 High Version pom version 0.0.7 Highest Version pom parent-version 0.0.7 Low
plexus-cipher-1.4.jarFile Path: C:\Users\Jeremy\.m2\repository\org\sonatype\plexus\plexus-cipher\1.4\plexus-cipher-1.4.jarMD5: 7b2d6fcf0d5800d5b1ce09d98d98dcafSHA1: 50ade46f23bb38cd984b4ec560c46223432aac38SHA256: 5a15fdba22669e0fdd06e10dcce6320879e1f7398fbc910cd0677b50672a78c4Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://spice.sonatype.org/${project.artifactId} Highest Vendor pom groupid org.sonatype.plexus Highest Vendor pom groupid sonatype.plexus Highest Vendor jar package name plexus Highest Vendor pom artifactid plexus-cipher Low Vendor pom parent-groupid org.sonatype.spice Medium Vendor jar package name plexus Low Vendor jar package name cipher Highest Vendor jar package name sonatype Low Vendor pom parent-artifactid spice-parent Low Vendor jar package name sonatype Highest Vendor file name plexus-cipher High Vendor pom name Plexus Cipher: encryption/decryption Component High Vendor jar package name components Low Product pom parent-artifactid spice-parent Medium Product jar package name cipher Low Product pom groupid sonatype.plexus Highest Product jar package name plexus Highest Product pom parent-groupid org.sonatype.spice Medium Product jar package name plexus Low Product jar package name cipher Highest Product jar package name sonatype Highest Product file name plexus-cipher High Product pom url http://spice.sonatype.org/${project.artifactId} Medium Product pom artifactid plexus-cipher Highest Product pom name Plexus Cipher: encryption/decryption Component High Product jar package name components Low Version pom version 1.4 Highest Version file version 1.4 High Version pom parent-version 1.4 Low
plexus-classworlds-2.2.3.jarDescription:
A class loader framework File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-classworlds\2.2.3\plexus-classworlds-2.2.3.jarMD5: e6673b3089c11931211b77d24bbc4f8eSHA1: 93b34d7a40ed56fe33274480c5792b656d3697a9SHA256: 7d95ad21733b060bfda2142b62439a196bde7644f9f127c299ae86d92179b518Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid plexus Low Vendor jar package name classworlds Highest Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor jar package name classworlds Low Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor file name plexus-classworlds High Vendor pom artifactid plexus-classworlds Low Vendor pom name Plexus Classworlds High Vendor jar package name codehaus Low Product jar package name classworlds Highest Product pom artifactid plexus-classworlds Highest Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product pom name Plexus Classworlds High Product jar package name classworlds Low Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product pom parent-artifactid plexus Medium Product file name plexus-classworlds High Version pom parent-version 2.2.3 Low Version file version 2.2.3 High Version pom version 2.2.3 Highest
plexus-compiler-api-2.8.4.jarDescription:
Plexus Compilers component's API to manipulate compilers. File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-compiler-api\2.8.4\plexus-compiler-api-2.8.4.jarMD5: 51cbdd77c8b72efc31fd46128fc52cc7SHA1: ab13f02c237842b1d81b531fafd27f3c13585a37SHA256: ea80e16c7b10200ad7fbc7d6ebb244b30243e299648c7f9d1329720aec6dd3feReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name plexus-compiler-api High Vendor jar package name compiler Highest Vendor pom artifactid plexus-compiler-api Low Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom parent-artifactid plexus-compiler Low Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Compiler Api High Vendor jar package name codehaus Low Vendor jar package name compiler Low Product file name plexus-compiler-api High Product jar package name compiler Highest Product pom name Plexus Compiler Api High Product pom artifactid plexus-compiler-api Highest Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.plexus Medium Product pom parent-artifactid plexus-compiler Medium Product jar package name plexus Low Product jar package name compiler Low Version pom version 2.8.4 Highest Version file version 2.8.4 High
plexus-compiler-javac-2.8.4.jarDescription:
Javac Compiler support for Plexus Compiler component. File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-compiler-javac\2.8.4\plexus-compiler-javac-2.8.4.jarMD5: f93015b3922f207568720b89eb690602SHA1: 4a2c03bf7663dff8fd512cc1a7adecacf1a2249bSHA256: a37a6d56a32bd0861d53d817c4c81088c87f9e4601caed01eaec4ede7fa4677aReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name compiler Highest Vendor file name plexus-compiler-javac High Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom artifactid plexus-compiler-javac Low Vendor jar package name codehaus Highest Vendor pom name Plexus Javac Component High Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom parent-artifactid plexus-compilers Low Vendor jar package name javac Highest Vendor jar package name codehaus Low Vendor jar package name compiler Low Product jar package name compiler Highest Product file name plexus-compiler-javac High Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name codehaus Highest Product pom name Plexus Javac Component High Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product pom parent-artifactid plexus-compilers Medium Product jar package name javac Low Product jar package name javac Highest Product jar package name compiler Low Product pom artifactid plexus-compiler-javac Highest Version pom version 2.8.4 Highest Version file version 2.8.4 High
plexus-compiler-manager-2.8.4.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-compiler-manager\2.8.4\plexus-compiler-manager-2.8.4.jarMD5: 9a0fd1ad75ae0dc3f41e21cce5405f20SHA1: 43b09c6b1831e962259634ac9ae2e6ac0467560eSHA256: ec139721f45f8986fbee1cc45f428cd036fe5ed434959048d5d10d3eb73b5731Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name compiler Highest Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom parent-artifactid plexus-compiler Low Vendor file name plexus-compiler-manager High Vendor jar package name codehaus Highest Vendor pom artifactid plexus-compiler-manager Low Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Compiler Manager High Vendor jar package name codehaus Low Vendor jar package name manager Highest Vendor jar package name compiler Low Product jar package name compiler Highest Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product file name plexus-compiler-manager High Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.plexus Medium Product pom parent-artifactid plexus-compiler Medium Product jar package name plexus Low Product jar package name manager Low Product pom artifactid plexus-compiler-manager Highest Product pom name Plexus Compiler Manager High Product jar package name manager Highest Product jar package name compiler Low Version pom version 2.8.4 Highest Version file version 2.8.4 High
plexus-component-annotations-2.0.0.jarDescription:
Plexus Component "Java 5" Annotations, to describe plexus components properties in java sources with
standard annotations instead of javadoc annotations.
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-component-annotations\2.0.0\plexus-component-annotations-2.0.0.jarMD5: be18d50372002ba958de0ae4850b18a7SHA1: 6897b9fa8b67c900b52996f845e2d179eea13441SHA256: 405eef6fc9188241ec88579c3e473f5c8997455c69bcd62e142492aca15106bcReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Plexus :: Component Annotations High Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor file name plexus-component-annotations High Vendor pom artifactid plexus-component-annotations Low Vendor jar package name annotations Highest Vendor pom parent-artifactid plexus-containers Low Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor jar package name component Low Vendor jar package name component Highest Vendor jar package name codehaus Low Product pom artifactid plexus-component-annotations Highest Product pom name Plexus :: Component Annotations High Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product file name plexus-component-annotations High Product jar package name annotations Highest Product jar package name codehaus Highest Product pom parent-artifactid plexus-containers Medium Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product jar package name component Low Product jar package name component Highest Product jar package name annotations Low Version file version 2.0.0 High Version pom version 2.0.0 Highest
plexus-container-default-2.1.0.jarDescription:
The Plexus IoC container API and its default implementation.
File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-container-default\2.1.0\plexus-container-default-2.1.0.jarMD5: 38bb4378dcf8868a6ef203b0f4a2ddaeSHA1: c189df3d30aa7707c36aa2746fae55ebe11d711eSHA256: 6dceb1246b188153bdcb6f962d543d51ddb672cca07cad94a78fbabc9edf0a39Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Plexus :: Default Container High Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor jar package name container Highest Vendor pom parent-artifactid plexus-containers Low Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor jar package name component Low Vendor file name plexus-container-default High Vendor pom artifactid plexus-container-default Low Vendor jar package name codehaus Low Product pom name Plexus :: Default Container High Product file name plexus-container-default High Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name container Highest Product pom artifactid plexus-container-default Highest Product jar package name codehaus Highest Product pom parent-artifactid plexus-containers Medium Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product jar package name component Low Version file version 2.1.0 High Version pom version 2.1.0 Highest
plexus-digest-1.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-digest\1.0\plexus-digest-1.0.jarMD5: d068135769a92c23daccbc722ba4658eSHA1: 5f6a5a5140cd39e8c987cf6c31429d917b31166eSHA256: d88701a0c1097f97256be35f788dccc4a9c9d377cafc9184d23c262f0e1aff18Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name digest Low Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom parent-artifactid plexus-components Low Vendor file name plexus-digest High Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus Digest / Hashcode Components High Vendor pom artifactid plexus-digest Low Vendor jar package name codehaus Low Vendor jar package name digest Highest Product jar package name digest Low Product pom parent-artifactid plexus-components Medium Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product pom name Plexus Digest / Hashcode Components High Product file name plexus-digest High Product jar package name codehaus Highest Product pom artifactid plexus-digest Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product jar package name digest Highest Version pom parent-version 1.0 Low Version file version 1.0 High Version pom version 1.0 Highest
plexus-i18n-1.0-beta-10.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-i18n\1.0-beta-10\plexus-i18n-1.0-beta-10.jarMD5: 7f36c0459c853750c627f682ec7bcf52SHA1: 27506f59e54cc80b8c28b977c2bcd0478094e0ccSHA256: b87f25b512ffafcafbf4a05ab943812e9c6915291370c6b46016eb3836886c41Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name plexus-i18n High Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom artifactid plexus-i18n Low Vendor pom parent-artifactid plexus-components Low Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor jar package name i18n Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom name Plexus I18N Component High Vendor jar package name codehaus Low Vendor jar package name i18n Highest Product file name plexus-i18n High Product pom artifactid plexus-i18n Highest Product pom parent-artifactid plexus-components Medium Product pom name Plexus I18N Component High Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product jar package name i18n Low Product jar package name i18n Highest Version pom version 1.0-beta-10 Highest Version pom parent-version 1.0-beta-10 Low
plexus-interactivity-api-1.0-alpha-6.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-interactivity-api\1.0-alpha-6\plexus-interactivity-api-1.0-alpha-6.jarMD5: 4f3e3b8a34729e317e4c2484016ca151SHA1: c06f0eb818633033f09a87d14c4cfb6f39af9a37SHA256: 4009db61dc8bc1ab5895bf5195718fd4df84998409e15acfb9aa796895ceddbfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name plexus-interactivity-api High Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor pom parent-artifactid plexus-interactivity Low Vendor pom name Plexus Default Interactivity Handler High Vendor jar package name interactivity Highest Vendor jar package name components Low Vendor jar package name codehaus Low Vendor pom artifactid plexus-interactivity-api Low Product file name plexus-interactivity-api High Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name codehaus Highest Product pom artifactid plexus-interactivity-api Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product jar package name interactivity Low Product pom name Plexus Default Interactivity Handler High Product jar package name interactivity Highest Product jar package name components Low Product pom parent-artifactid plexus-interactivity Medium Version pom version 1.0-alpha-6 Highest
plexus-interpolation-1.25.jarDescription:
The Plexus project provides a full software stack for creating and executing software projects. License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-interpolation\1.25\plexus-interpolation-1.25.jar
MD5: 86cc99a26f3b3caa0fc2c8c77f4c03b0
SHA1: 3b37b3335e6a97e11e690bbdc22ade1a5deb74d6
SHA256: e003802501574637f7abdc4e83e6d509a31e9ff825d12da6d1e419acf9688705
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid plexus Low Vendor pom artifactid plexus-interpolation Low Vendor jar package name plexus Highest Vendor pom groupid codehaus.plexus Highest Vendor jar package name interpolation Highest Vendor file name plexus-interpolation High Vendor jar package name codehaus Highest Vendor Manifest bundle-symbolicname org.codehaus.plexus.interpolation Medium Vendor pom parent-groupid org.codehaus.plexus Medium Vendor pom groupid org.codehaus.plexus Highest Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Vendor pom name Plexus Interpolation API High Product jar package name plexus Highest Product pom groupid codehaus.plexus Highest Product pom artifactid plexus-interpolation Highest Product jar package name interpolation Highest Product file name plexus-interpolation High Product jar package name codehaus Highest Product Manifest Bundle-Name Plexus Interpolation API Medium Product Manifest bundle-symbolicname org.codehaus.plexus.interpolation Medium Product pom parent-groupid org.codehaus.plexus Medium Product pom parent-artifactid plexus Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product Manifest bundle-docurl http://codehaus-plexus.github.io/ Low Product pom name Plexus Interpolation API High Version file version 1.25 High Version pom parent-version 1.25 Low Version pom version 1.25 Highest
plexus-io-3.2.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-io\3.2.0\plexus-io-3.2.0.jarMD5: 10e377cecbafa25cd80de1207be4b685SHA1: 0f7d52906fe1b21b06fa046a98d6c15c4e595c5eSHA256: 15cf8cbd9e014b7156482bbb48e515613158bdd9b4b908d21e6b900f7876f6ffReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid plexus-io Low Vendor pom parent-artifactid plexus Low Vendor file name plexus-io High Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor jar package name io Highest Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor jar package name components Highest Vendor pom name Plexus IO Components High Vendor jar package name components Low Vendor jar package name codehaus Low Product file name plexus-io High Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name io Highest Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product pom artifactid plexus-io Highest Product pom parent-artifactid plexus Medium Product jar package name components Highest Product jar package name io Low Product pom name Plexus IO Components High Product jar package name components Low Version pom version 3.2.0 Highest Version pom parent-version 3.2.0 Low Version file version 3.2.0 High
plexus-java-0.9.10.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-java\0.9.10\plexus-java-0.9.10.jarMD5: 8aa5642de92019a8624dfb03bb68854bSHA1: 269ef3b88d500716f958a8e2b78561f34d50df80SHA256: 9f4c82ea85ccad3c8bb6ae8101ed760aabf5b33b529586a8bd5d1e3d3ab67f1bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name org Highest Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor jar package name languages Highest Vendor pom artifactid plexus-java Low Vendor file name plexus-java High Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name java Highest Vendor pom groupid org.codehaus.plexus Highest Vendor Manifest multi-release true Low Vendor pom name Plexus Languages :: Java High Vendor pom parent-artifactid plexus-languages Low Product jar package name org Highest Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name languages Highest Product pom parent-artifactid plexus-languages Medium Product file name plexus-java High Product jar package name codehaus Highest Product pom artifactid plexus-java Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name java Highest Product Manifest multi-release true Low Product pom name Plexus Languages :: Java High Version pom version 0.9.10 Highest Version file version 0.9.10 High
plexus-resources-1.1.0.jarDescription:
A component to transparently retrieve resources from the filesystem, classpath or internet. File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-resources\1.1.0\plexus-resources-1.1.0.jarMD5: 648264756a2d4c36ebce3d8af74c4a12SHA1: 503d473a949a338986104f209a9f805637ffcebfSHA256: 566b1327407ec37f25d429831b7e61adb8d4c6fafb37bb9aec978e64e761f03cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Plexus Resource Component High Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom parent-artifactid plexus-components Low Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor jar package name resource Highest Vendor pom groupid org.codehaus.plexus Highest Vendor file name plexus-resources High Vendor jar package name codehaus Low Vendor pom artifactid plexus-resources Low Vendor jar package name resource Low Product pom name Plexus Resource Component High Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name loader Low Product jar package name codehaus Highest Product pom artifactid plexus-resources Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product jar package name resource Highest Product pom parent-artifactid plexus-components Medium Product file name plexus-resources High Product jar package name resource Low Version file version 1.1.0 High Version pom version 1.1.0 Highest Version pom parent-version 1.1.0 Low
plexus-sec-dispatcher-1.4.jarFile Path: C:\Users\Jeremy\.m2\repository\org\sonatype\plexus\plexus-sec-dispatcher\1.4\plexus-sec-dispatcher-1.4.jarMD5: 0a46e5bc9bc2fbd3b68091066aff2737SHA1: 43fde524e9b94c883727a9fddb8669181b890ea7SHA256: da73e32b58132e64daf12269fd9d011c0b303f234840f179908725a632b6b57cReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://spice.sonatype.org/${project.artifactId} Highest Vendor pom groupid org.sonatype.plexus Highest Vendor file name plexus-sec-dispatcher High Vendor pom groupid sonatype.plexus Highest Vendor pom name Plexus Security Dispatcher Component High Vendor pom artifactid plexus-sec-dispatcher Low Vendor jar package name plexus Highest Vendor pom parent-groupid org.sonatype.spice Medium Vendor jar package name plexus Low Vendor jar package name sonatype Low Vendor pom parent-artifactid spice-parent Low Vendor jar package name sec Highest Vendor jar package name sonatype Highest Vendor jar package name components Low Product pom parent-artifactid spice-parent Medium Product file name plexus-sec-dispatcher High Product pom groupid sonatype.plexus Highest Product pom name Plexus Security Dispatcher Component High Product jar package name plexus Highest Product pom artifactid plexus-sec-dispatcher Highest Product pom parent-groupid org.sonatype.spice Medium Product jar package name sec Low Product jar package name plexus Low Product jar package name sec Highest Product jar package name sonatype Highest Product pom url http://spice.sonatype.org/${project.artifactId} Medium Product jar package name components Low Version pom version 1.4 Highest Version file version 1.4 High Version pom parent-version 1.4 Low
plexus-utils-2.0.7.jarDescription:
A collection of various utility classes to ease working with strings, files, command lines, XML and more. File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-utils\2.0.7\plexus-utils-2.0.7.jarMD5: 4f0074d58c0d7394acbf9eb62dc59f96SHA1: f87d2c4f40c73eeab2eb205b120667cfe5dc29a7SHA256: 3c96ee6b1e420ecb1a5caf0ee03964294c16c342c626707212cbef0878fb3acfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid plexus Low Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom name Plexus Common Utilities High Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor jar package name util Low Vendor jar package name xml Highest Vendor pom artifactid plexus-utils Low Vendor pom url http://plexus.codehaus.org/plexus-utils Highest Vendor file name plexus-utils High Vendor jar package name codehaus Low Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product pom name Plexus Common Utilities High Product pom artifactid plexus-utils Highest Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Product pom parent-artifactid plexus Medium Product jar package name util Low Product jar package name xml Highest Product pom url http://plexus.codehaus.org/plexus-utils Medium Product file name plexus-utils High Version pom version 2.0.7 Highest Version file version 2.0.7 High
Published Vulnerabilities CVE-2017-1000487 suppress
Plexus-utils before 3.0.16 is vulnerable to command injection because it does not correctly process the contents of double quoted strings. CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions:
Directory traversal in org.codehaus.plexus.util.Expand (OSSINDEX) suppress
> org.codehaus.plexus.util.Expand does not guard against directory traversal, but such protection is generally expected from unarchiving tools.
>
> -- [github.com](https://github.com/codehaus-plexus/plexus-utils/issues/4) Unscored:
References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.codehaus.plexus:plexus-utils:2.0.7:*:*:*:*:*:*:* Possible XML Injection (OSSINDEX) suppress
> `org.codehaus.plexus.util.xml.XmlWriterUtil#writeComment(XMLWriter, String, int, int, int)` does not check if the comment includes a `"-->"` sequence. This means that text contained in the command string could be interpreted as XML, possibly leading to XML injection issues, depending on how this method is being called.
>
> -- [github.com](https://github.com/codehaus-plexus/plexus-utils/issues/3) Unscored:
References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.codehaus.plexus:plexus-utils:2.0.7:*:*:*:*:*:*:* plexus-velocity-1.2.jarFile Path: C:\Users\Jeremy\.m2\repository\org\codehaus\plexus\plexus-velocity\1.2\plexus-velocity-1.2.jarMD5: 7d7805136e8165f53c944612a809f1a6SHA1: 1331b9d6bbf99ead362c68c2f318ebe5fedda598SHA256: b4c4a0dbeacad54306a1ae230eff5ab45d58e3ab88c86ab7245d3a0772be57abReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name velocity Highest Vendor jar package name velocity Low Vendor pom groupid codehaus.plexus Highest Vendor jar package name plexus Highest Vendor pom parent-artifactid plexus-components Low Vendor jar package name codehaus Highest Vendor pom parent-groupid org.codehaus.plexus Medium Vendor jar package name plexus Low Vendor pom groupid org.codehaus.plexus Highest Vendor file name plexus-velocity High Vendor pom artifactid plexus-velocity Low Vendor pom name Plexus Velocity Component High Vendor jar package name codehaus Low Product file name plexus-velocity High Product jar package name velocity Highest Product pom parent-artifactid plexus-components Medium Product pom name Plexus Velocity Component High Product jar package name velocity Low Product pom artifactid plexus-velocity Highest Product pom groupid codehaus.plexus Highest Product jar package name plexus Highest Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.plexus Medium Product jar package name plexus Low Version file version 1.2 High Version pom version 1.2 Highest Version pom parent-version 1.2 Low
pmd-core-6.29.0.jarFile Path: C:\Users\Jeremy\.m2\repository\net\sourceforge\pmd\pmd-core\6.29.0\pmd-core-6.29.0.jarMD5: ba17e462d1aacd5824fc093912f7a9eaSHA1: 97a0087db3207564a0f78f1e99f625ee81c445c9SHA256: b32b3a27f8b871715eecca211e14bbb61fa81f8ce46d738c451e770043325ae8Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name net Highest Vendor pom artifactid pmd-core Low Vendor pom parent-artifactid pmd Low Vendor pom name PMD Core High Vendor pom groupid net.sourceforge.pmd Highest Vendor jar package name sourceforge Highest Vendor jar package name pmd Highest Vendor Manifest build-jdk-spec 11 Low Vendor file name pmd-core High Product jar package name net Highest Product pom name PMD Core High Product pom parent-artifactid pmd Medium Product pom groupid net.sourceforge.pmd Highest Product jar package name sourceforge Highest Product pom artifactid pmd-core Highest Product jar package name pmd Highest Product Manifest build-jdk-spec 11 Low Product file name pmd-core High Version pom version 6.29.0 Highest Version file version 6.29.0 High
Related Dependencies pmd-javascript-6.29.0.jarFile Path: C:\Users\Jeremy\.m2\repository\net\sourceforge\pmd\pmd-javascript\6.29.0\pmd-javascript-6.29.0.jar MD5: f4e2a2ab98008f9ece9a53f8a9565b3b SHA1: fb0b929b93b36a37c38152253ec2a061fca231cf SHA256: 1551e784db17cc156e0a76434c1364ea42a7a3ad08d32b9f8b88ad5454f5d54a pkg:maven/net.sourceforge.pmd/pmd-javascript@6.29.0 pmd-java-6.29.0.jarFile Path: C:\Users\Jeremy\.m2\repository\net\sourceforge\pmd\pmd-java\6.29.0\pmd-java-6.29.0.jar MD5: 65a91630b728710a64c75f33d90264d1 SHA1: f8e278c9341b7f1c1af0537ffa3f3dcff04b37e8 SHA256: b83a3bd4f79aee9b1fb829fdd9513fd7dd89868102dc08b486af96368103bd4d pkg:maven/net.sourceforge.pmd/pmd-java@6.29.0 pmd-jsp-6.29.0.jarFile Path: C:\Users\Jeremy\.m2\repository\net\sourceforge\pmd\pmd-jsp\6.29.0\pmd-jsp-6.29.0.jar MD5: afeeeb248d55bad6fcdd3cb896c56db5 SHA1: b9c815b145dea4fd538ea6f1c7f453ffd7b31ae9 SHA256: 5a4cafc5e425712181abd99d4df11189dc4e9940befb0945a38609fb4aa03e1e pkg:maven/net.sourceforge.pmd/pmd-jsp@6.29.0 policy-2.7.10.jarDescription:
WS-Policy implementation for Project Metro License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\ws\policy\2.7.10\policy-2.7.10.jar
MD5: ef5d02c9beda300d14d4fdcc91db74b3
SHA1: bb625b47077e7d5a1cee739809770ef21686f1d0
SHA256: ad12eaf70be2f0e24bdf5ef1ccfaae466a0e46b09a629b5ccf2a3031730a40a3
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id com.sun.xml.ws Medium Vendor pom url eclipse-ee4j/metro-policy Highest Vendor jar package name ws Highest Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor file name policy High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name sun Highest Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor jar package name xml Highest Vendor pom groupid sun.xml.ws Highest Vendor pom parent-artifactid project Low Vendor jar package name policy Highest Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor hint analyzer vendor web services Medium Vendor pom groupid com.sun.xml.ws Highest Vendor Manifest implementation-url https://github.com/eclipse-ee4j/metro-policy Low Vendor jar (hint) package name oracle Highest Vendor pom artifactid policy Low Vendor Manifest build-jdk-spec 11 Low Vendor Manifest implementation-build-id 2.7.10 - cf11b65 Low Vendor pom name policy High Vendor Manifest bundle-symbolicname com.sun.xml.ws.policy Medium Product pom parent-artifactid project Medium Product jar package name ws Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product hint analyzer product web services Medium Product file name policy High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name sun Highest Product pom artifactid policy Highest Product pom parent-groupid org.eclipse.ee4j Medium Product jar package name xml Highest Product pom groupid sun.xml.ws Highest Product Manifest Implementation-Title policy High Product jar package name policy Highest Product Manifest Bundle-Name policy Medium Product Manifest implementation-url https://github.com/eclipse-ee4j/metro-policy Low Product pom url eclipse-ee4j/metro-policy High Product Manifest build-jdk-spec 11 Low Product Manifest implementation-build-id 2.7.10 - cf11b65 Low Product pom name policy High Product Manifest bundle-symbolicname com.sun.xml.ws.policy Medium Version Manifest implementation-build-id 2.7.10 Low Version Manifest Implementation-Version 2.7.10 High Version Manifest Bundle-Version 2.7.10 High Version pom parent-version 2.7.10 Low Version pom version 2.7.10 Highest Version file version 2.7.10 High
qdox-2.0-M10.jarDescription:
QDox is a high speed, small footprint parser for extracting class/interface/method definitions from source files
complete with JavaDoc @tags. It is designed to be used by active code generators or documentation tools.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\thoughtworks\qdox\qdox\2.0-M10\qdox-2.0-M10.jar
MD5: 7de211e8bac0d98bc2df8861ecacdd37
SHA1: d6a5aa7645ecca9e3120e951a2b5e68130e4dedd
SHA256: 9e6142d64aa1d77597f9a6dde664688832b0a8a2ee4346a256fa693295b6365c
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name QDox High Vendor jar package name qdox Highest Vendor pom url paul-hammant/qdox Highest Vendor file name qdox High Vendor jar package name parser Highest Vendor jar package name tools Highest Vendor Manifest automatic-module-name com.thoughtworks.qdox Medium Vendor jar package name thoughtworks Highest Vendor pom groupid thoughtworks.qdox Highest Vendor pom artifactid qdox Low Vendor pom groupid com.thoughtworks.qdox Highest Product pom name QDox High Product pom artifactid qdox Highest Product jar package name qdox Highest Product file name qdox High Product jar package name parser Highest Product jar package name tools Highest Product Manifest automatic-module-name com.thoughtworks.qdox Medium Product jar package name thoughtworks Highest Product pom groupid thoughtworks.qdox Highest Product pom url paul-hammant/qdox High Version pom version 2.0-M10 Highest
regexp-1.3.jarFile Path: C:\Users\Jeremy\.m2\repository\regexp\regexp\1.3\regexp-1.3.jarMD5: 6dcdc325850e40b843cac2a25fb2121eSHA1: 973df2b78b67bcd3144c3dbbb88da691065a3f8dSHA256: 27998732ecd5745924644f891f41adaf73736fe259a0a20843979452574f0385Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid regexp Low Vendor pom groupid regexp Highest Vendor file name regexp High Vendor jar package name apache Low Vendor jar package name regexp Low Vendor jar package name regexp Highest Product pom artifactid regexp Highest Product pom groupid regexp Highest Product file name regexp High Product jar package name regexp Low Product jar package name regexp Highest Version file version 1.3 High Version pom version 1.3 Highest
rhino-1.7.7.2.jarDescription:
Rhino is an open-source implementation of JavaScript written entirely in Java. It is typically
embedded into Java applications to provide scripting to end users.
License:
Mozilla Public License, Version 2.0: http://www.mozilla.org/MPL/2.0/index.txt File Path: C:\Users\Jeremy\.m2\repository\org\mozilla\rhino\1.7.7.2\rhino-1.7.7.2.jar
MD5: e0e47c1fe053f70fa6feca20d8c3cb2c
SHA1: a7c4a9ba8b6922374580d71060ef71eafa994256
SHA256: 5c6dae050ceb71774a5fc82ce6e3f0392daf0ffa9ec3596f70d4d07ee50b8970
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mozilla Highest Vendor Manifest built-date 2017-08-24 Low Vendor pom url https://developer.mozilla.org/en/Rhino Highest Vendor pom artifactid rhino Low Vendor pom name Mozilla Rhino High Vendor Manifest Implementation-Vendor Mozilla Foundation High Vendor pom organization url http://www.mozilla.org Medium Vendor file name rhino High Vendor pom organization name The Mozilla Foundation High Vendor jar package name javascript Highest Vendor Manifest implementation-url http://www.mozilla.org/rhino Low Vendor pom groupid mozilla Highest Vendor Manifest built-time 14:46:18 Low Vendor pom groupid org.mozilla Highest Product jar package name mozilla Highest Product Manifest built-date 2017-08-24 Low Product Manifest Implementation-Title Mozilla Rhino High Product pom name Mozilla Rhino High Product pom artifactid rhino Highest Product file name rhino High Product pom organization url http://www.mozilla.org Low Product pom organization name The Mozilla Foundation Low Product jar package name javascript Highest Product Manifest implementation-url http://www.mozilla.org/rhino Low Product pom groupid mozilla Highest Product Manifest built-time 14:46:18 Low Product pom url https://developer.mozilla.org/en/Rhino Medium Version file version 1.7.7.2 High Version Manifest Implementation-Version 1.7.7.2 High Version pom version 1.7.7.2 Highest
rhino-1.7.7.2.jar: test.jsFile Path: C:\Users\Jeremy\.m2\repository\org\mozilla\rhino\1.7.7.2\rhino-1.7.7.2.jar\org\mozilla\javascript\tools\debugger\test.jsMD5: 3f4137118304ccd25816067cf8d1edd6SHA1: d3c7ae4c10cb6c7ac191cb65a39e53ba6a4e6cfbSHA256: 950d2db0a646488500b58ba76a02c33501a048708c083e3b743b73b16e105331Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence
saaj-impl-1.5.2.jarDescription:
Implementation of Jakarta SOAP with Attachments Specification
License:
http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\messaging\saaj\saaj-impl\1.5.2\saaj-impl-1.5.2.jar
MD5: dc234cc6118c5069bad43ea1e95f6812
SHA1: 21d07203e7d212681034c188ca3c6108212d526b
SHA256: 2d74a4ef75bc6ab4cdc06ed3732aae0b821dc108c75e3ca53fc7305207e74b5a
Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom name Jakarta SOAP Implementation High Vendor jar package name messaging Highest Vendor pom parent-artifactid metro-saaj Low Vendor Manifest bundle-symbolicname com.sun.xml.messaging.saaj.impl Medium Vendor pom artifactid saaj-impl Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom groupid com.sun.xml.messaging.saaj Highest Vendor jar package name sun Highest Vendor pom parent-groupid com.sun.xml.messaging.saaj Medium Vendor file name saaj-impl High Vendor Manifest Implementation-Vendor Oracle Corporation High Vendor jar package name xml Highest Vendor Manifest implementation-build-id 1.5.2 - 2487482 Low Vendor jar (hint) package name oracle Highest Vendor jar package name saaj Highest Vendor Manifest bundle-docurl http://www.oracle.com/ Low Vendor pom groupid sun.xml.messaging.saaj Highest Product pom artifactid saaj-impl Highest Product pom name Jakarta SOAP Implementation High Product jar package name messaging Highest Product Manifest bundle-symbolicname com.sun.xml.messaging.saaj.impl Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product jar package name sun Highest Product pom parent-groupid com.sun.xml.messaging.saaj Medium Product file name saaj-impl High Product jar package name xml Highest Product Manifest implementation-build-id 1.5.2 - 2487482 Low Product pom parent-artifactid metro-saaj Medium Product Manifest Implementation-Title Jakarta SOAP Implementation High Product Manifest Bundle-Name Jakarta SOAP Implementation Medium Product jar package name saaj Highest Product Manifest bundle-docurl http://www.oracle.com/ Low Product pom groupid sun.xml.messaging.saaj Highest Version file version 1.5.2 High Version Manifest implementation-build-id 1.5.2 Low Version pom version 1.5.2 Highest Version Manifest Bundle-Version 1.5.2 High Version Manifest Implementation-Version 1.5.2 High
sac-1.3.jarDescription:
SAC is a standard interface for CSS parsers. License:
The W3C Software License: http://www.w3.org/Consortium/Legal/copyright-software-19980720 File Path: C:\Users\Jeremy\.m2\repository\org\w3c\css\sac\1.3\sac-1.3.jar
MD5: eb04fa63fc70c722f2b8ec156166343b
SHA1: cdb2dcb4e22b83d6b32b93095f644c3462739e82
SHA256: 003785669f921aafe4f137468dd20a01a36111e94fd7449f26c16e7924d82d23
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom organization name World Wide Web Consortium High Vendor pom url http://www.w3.org/Style/CSS/SAC/ Highest Vendor pom name Simple API for CSS High Vendor pom groupid org.w3c.css Highest Vendor jar package name w3c Highest Vendor jar package name sac Highest Vendor jar package name css Highest Vendor file name sac High Vendor pom organization url http://www.w3.org/ Medium Vendor jar package name css Low Vendor jar package name sac Low Vendor pom artifactid sac Low Vendor jar package name w3c Low Vendor pom groupid w3c.css Highest Product pom organization url http://www.w3.org/ Low Product pom url http://www.w3.org/Style/CSS/SAC/ Medium Product pom name Simple API for CSS High Product jar package name w3c Highest Product pom artifactid sac Highest Product jar package name sac Highest Product jar package name css Highest Product file name sac High Product pom organization name World Wide Web Consortium Low Product jar package name css Low Product jar package name sac Low Product pom groupid w3c.css Highest Version file version 1.3 High Version pom version 1.3 Highest
saxon-9.1.0.8-dom.jarFile Path: C:\Users\Jeremy\.m2\repository\net\sourceforge\saxon\saxon\9.1.0.8\saxon-9.1.0.8-dom.jarMD5: 011a5b9638e13f026e35db7a5b32f526SHA1: d3bc6741b15bb4c57626708287a2417ab5f67ee6SHA256: c6cf3ecc7f4b65ab8b613d00fd9e9c0648a5aa03264a941ba0fd2da5339f917aReferenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor jar package name sf Low Vendor jar package name net Low Vendor jar package name saxon Low Vendor pom groupid net.sourceforge.saxon Highest Vendor file name saxon High Product jar package name sf Low Product pom artifactid saxon Highest Product jar package name saxon Low Product jar package name dom Low Product file name saxon High Version file version 9.1.0.8 High Version pom version 9.1.0.8 Highest
saxon-9.1.0.8.jarDescription:
Saxon a complete and conformant implementation of the XSLT 2.0, XQuery 1.0, and XPath 2.0 Recommendations published on 23 January 2007 by W3C
License:
Mozilla Public License Version 1.0: http://www.mozilla.org/MPL/MPL-1.0.txt File Path: C:\Users\Jeremy\.m2\repository\net\sourceforge\saxon\saxon\9.1.0.8\saxon-9.1.0.8.jar
MD5: 46c8543aa92a56da1f3d96e5f8fcb7b5
SHA1: 9ffdd08cb74563cbd431c845238b414e933a0483
SHA256: f3dcde81066c75db4ffca341d543555dbbbba7fff7ba6d1c2e7de1101dea394a
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name net Highest Vendor jar package name saxon Highest Vendor pom organization name sourceforge High Vendor pom url http://saxon.sourceforge.net/ Highest Vendor pom artifactid saxon Low Vendor Manifest project-name Saxon-B Medium Vendor pom organization url http://www.sourceforge.net Medium Vendor pom groupid net.sourceforge.saxon Highest Vendor file name saxon High Vendor pom name SaxonB High Product jar package name net Highest Product jar package name saxon Highest Product pom artifactid saxon Highest Product pom organization url http://www.sourceforge.net Low Product pom url http://saxon.sourceforge.net/ Medium Product Manifest project-name Saxon-B Medium Product pom groupid net.sourceforge.saxon Highest Product pom organization name sourceforge Low Product file name saxon High Product pom name SaxonB High Version file version 9.1.0.8 High Version pom version 9.1.0.8 Highest
sequence-library-1.0.2.jarDescription:
Textual Diff and Merge Library License:
Sequence Library License: http://www.svnkit.com/SEQUENCE-LICENSE.txt File Path: C:\Users\Jeremy\.m2\repository\de\regnis\q\sequence\sequence-library\1.0.2\sequence-library-1.0.2.jar
MD5: 1039789ad27c91fc5bd4fa71c4d30703
SHA1: 0531ae7f7a4eac050dbce729edae139c2e546464
SHA256: 2f36485bec6bb5f7ba97a40241462f3ce8b4dde2ad1acfe08ea3712450d9e7ea
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name regnis Highest Vendor jar package name q Highest Vendor pom groupid de.regnis.q.sequence Highest Vendor jar package name sequence Highest Vendor file name sequence-library High Vendor Manifest build-number r119_v20120508_2100 Low Vendor pom name Sequence Library High Vendor jar package name de Highest Vendor pom artifactid sequence-library Low Vendor pom url http://svn.svnkit.com/repos/3rdparty/de.regnigs.q.sequence Highest Product pom url http://svn.svnkit.com/repos/3rdparty/de.regnigs.q.sequence Medium Product jar package name regnis Highest Product jar package name q Highest Product pom groupid de.regnis.q.sequence Highest Product pom artifactid sequence-library Highest Product jar package name sequence Highest Product file name sequence-library High Product Manifest build-number r119_v20120508_2100 Low Product pom name Sequence Library High Product jar package name de Highest Version Manifest build-version 1.0.2 Medium Version file version 1.0.2 High Version pom version 1.0.2 Highest
sisu-guice-2.1.7-noaop.jarDescription:
Guice is a lightweight dependency injection framework for Java 5 and above License:
http://www.apache.org/licenses/LICENSE-2.0 File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\sisu\sisu-guice\2.1.7\sisu-guice-2.1.7-noaop.jar
MD5: f1d341b68fc25c53321eb00cf87b82b0
SHA1: 8cb56e976b8e0e7b23f2969c32bef7b830c6d6ed
SHA256: 240113a2f22fd1f0b182b32baecf0e7876b3a8e41f3c4da3335eeb9ffb24b9f4
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name guice Highest Vendor jar package name internal Low Vendor Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Vendor jar package name google Low Vendor Manifest bundle-docurl http://code.google.com/p/google-guice/ Low Vendor jar package name inject Low Vendor file name sisu-guice High Vendor Manifest bundle-symbolicname org.sonatype.sisu.sisu-guice-noaop Medium Vendor pom groupid org.sonatype.sisu Highest Product jar package name guice Highest Product jar package name internal Low Product Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Product Manifest Bundle-Name sisu-guice-noaop Medium Product jar package name google Highest Product Manifest bundle-docurl http://code.google.com/p/google-guice/ Low Product jar package name inject Low Product pom artifactid sisu-guice Highest Product file name sisu-guice High Product Manifest bundle-symbolicname org.sonatype.sisu.sisu-guice-noaop Medium Product jar package name dependency Highest Version file version 2.1.7 High Version pom version 2.1.7 Highest
sisu-guice-3.1.0-no_aop.jarDescription:
Patched build of Guice: a lightweight dependency injection framework for Java 5 and above License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\sisu\sisu-guice\3.1.0\sisu-guice-3.1.0-no_aop.jar
MD5: 19f877ae736fa153a545d0cf801dcec9
SHA1: 97c87d15d749c86b2be1b9809b28321a1d926c7f
SHA256: 4b76079f35407e5682aac1ecbe67afd5f430ae619044a9d6a413666a45750c25
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name singleton Highest Vendor jar package name google Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5,JavaSE-1.6 Low Vendor Manifest bundle-docurl http://code.google.com/p/google-guice/ Low Vendor jar package name inject Low Vendor pom groupid org.sonatype.sisu Highest Vendor jar package name guice Highest Vendor Manifest eclipse-extensibleapi true Low Vendor jar package name internal Low Vendor Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Vendor Manifest bundle-symbolicname org.sonatype.sisu.guice;singleton:=true Medium Vendor file name sisu-guice High Product jar package name singleton Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.5,JavaSE-1.6 Low Product jar package name google Highest Product Manifest bundle-docurl http://code.google.com/p/google-guice/ Low Product jar package name inject Low Product jar package name guice Highest Product Manifest eclipse-extensibleapi true Low Product jar package name internal Low Product Manifest bundle-copyright Copyright (C) 2006 Google Inc. Low Product Manifest Bundle-Name sisu-guice (no_aop) Medium Product Manifest bundle-symbolicname org.sonatype.sisu.guice;singleton:=true Medium Product pom artifactid sisu-guice Highest Product file name sisu-guice High Product jar package name dependency Highest Version file version 3.1.0 High Version pom version 3.1.0 Highest
sisu-inject-bean-1.4.2.jarLicense:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\sisu\sisu-inject-bean\1.4.2\sisu-inject-bean-1.4.2.jar
MD5: 400f9ca3cb77d34f159127769cb89e92
SHA1: 5cf37202afbaae899d63dd51b46d173df650af1b
SHA256: fb3160e1e3a7852b441016dbcc97a34e3cf4eeb8ceb9e82edf2729439858f080
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5,JavaSE-1.6 Low Vendor Manifest bundle-docurl http://www.sonatype.com Low Vendor pom groupid sonatype.sisu Highest Vendor pom parent-groupid org.sonatype.sisu.inject Medium Vendor pom groupid org.sonatype.sisu Highest Vendor jar package name guice Highest Vendor jar package name bean Highest Vendor jar package name sonatype Highest Vendor file name sisu-inject-bean High Vendor Manifest bundle-symbolicname org.sonatype.inject Medium Vendor pom name Sisu - Inject (JSR330 bean support) High Vendor jar package name inject Highest Vendor pom parent-artifactid guice-bean Low Vendor pom artifactid sisu-inject-bean Low Product Manifest bundle-requiredexecutionenvironment J2SE-1.5,JavaSE-1.6 Low Product Manifest bundle-docurl http://www.sonatype.com Low Product pom groupid sonatype.sisu Highest Product pom parent-groupid org.sonatype.sisu.inject Medium Product pom artifactid sisu-inject-bean Highest Product Manifest Bundle-Name Sisu - Inject (JSR330 bean support) Medium Product jar package name guice Highest Product jar package name bean Highest Product jar package name sonatype Highest Product file name sisu-inject-bean High Product Manifest bundle-symbolicname org.sonatype.inject Medium Product pom name Sisu - Inject (JSR330 bean support) High Product jar package name inject Highest Product pom parent-artifactid guice-bean Medium Version file version 1.4.2 High Version pom version 1.4.2 Highest Version Manifest Bundle-Version 1.4.2 High
sisu-inject-plexus-1.4.2.jarLicense:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\sonatype\sisu\sisu-inject-plexus\1.4.2\sisu-inject-plexus-1.4.2.jar
MD5: 9c1bfd74a76af0757b348554d9a1facc
SHA1: 53d863ed4879d4a43ad7aee7bc63f935cc513353
SHA256: a65e27aefbe74102d73cd7e3c5c7637021d294a9e7f33132f3c782a76714d0a3
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5,JavaSE-1.6 Low Vendor pom parent-artifactid guice-plexus Low Vendor Manifest bundle-docurl http://www.sonatype.com Low Vendor jar package name plexus Highest Vendor pom artifactid sisu-inject-plexus Low Vendor pom name Sisu - Inject (Plexus bean support) High Vendor pom groupid sonatype.sisu Highest Vendor pom parent-groupid org.sonatype.sisu.inject Medium Vendor file name sisu-inject-plexus High Vendor pom groupid org.sonatype.sisu Highest Vendor jar package name guice Highest Vendor Manifest bundle-symbolicname org.sonatype.inject.plexus Medium Vendor jar package name sonatype Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.5,JavaSE-1.6 Low Product jar package name plexus Highest Product Manifest bundle-docurl http://www.sonatype.com Low Product pom parent-artifactid guice-plexus Medium Product pom name Sisu - Inject (Plexus bean support) High Product pom artifactid sisu-inject-plexus Highest Product pom groupid sonatype.sisu Highest Product pom parent-groupid org.sonatype.sisu.inject Medium Product file name sisu-inject-plexus High Product jar package name guice Highest Product Manifest bundle-symbolicname org.sonatype.inject.plexus Medium Product Manifest Bundle-Name Sisu - Inject (Plexus bean support) Medium Product jar package name sonatype Highest Version file version 1.4.2 High Version pom version 1.4.2 Highest Version Manifest Bundle-Version 1.4.2 High
slf4j-api-1.7.21.jarDescription:
The slf4j API File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\slf4j-api\1.7.21\slf4j-api-1.7.21.jarMD5: c9be56284a92dcb2576679282eff80bfSHA1: 139535a69a4239db087de9bab0bee568bf8e0b70SHA256: 1d5aeb6bd98b0fdd151269eae941c05f6468a791ea0f1e68d8e7fe518af3e7dfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.slf4j Highest Vendor pom parent-groupid org.slf4j Medium Vendor pom artifactid slf4j-api Low Vendor pom name SLF4J API Module High Vendor Manifest bundle-symbolicname slf4j.api Medium Vendor file name slf4j-api High Vendor pom groupid slf4j Highest Vendor jar package name slf4j Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor pom url http://www.slf4j.org Highest Vendor pom parent-artifactid slf4j-parent Low Product pom parent-groupid org.slf4j Medium Product pom parent-artifactid slf4j-parent Medium Product Manifest Implementation-Title slf4j-api High Product Manifest bundle-symbolicname slf4j.api Medium Product file name slf4j-api High Product jar package name slf4j Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom url http://www.slf4j.org Medium Product pom name SLF4J API Module High Product pom groupid slf4j Highest Product pom artifactid slf4j-api Highest Product Manifest Bundle-Name slf4j-api Medium Version Manifest Bundle-Version 1.7.21 High Version Manifest Implementation-Version 1.7.21 High Version file version 1.7.21 High Version pom version 1.7.21 Highest
slf4j-log4j12-1.5.10.jarDescription:
The slf4j log4j-12 binding
File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\slf4j-log4j12\1.5.10\slf4j-log4j12-1.5.10.jarMD5: 352e66e47739f692221c4717353b939eSHA1: 08274abbf7065ca15cf877d199a8bf75dba87f36SHA256: a5d58086d24c524c09956d6464572f51935884cd2cb764b4eded7af796f8c30dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid slf4j-log4j12 Low Vendor pom groupid org.slf4j Highest Vendor pom parent-groupid org.slf4j Medium Vendor file name slf4j-log4j12 High Vendor Manifest bundle-symbolicname slf4j.log4j12 Medium Vendor pom name SLF4J LOG4J-12 Binding High Vendor pom groupid slf4j Highest Vendor jar package name slf4j Highest Vendor pom url http://www.slf4j.org Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.3 Low Vendor pom parent-artifactid slf4j-parent Low Product pom parent-groupid org.slf4j Medium Product pom parent-artifactid slf4j-parent Medium Product file name slf4j-log4j12 High Product Manifest bundle-symbolicname slf4j.log4j12 Medium Product Manifest Implementation-Title slf4j-log4j12 High Product jar package name slf4j Highest Product pom url http://www.slf4j.org Medium Product Manifest bundle-requiredexecutionenvironment J2SE-1.3 Low Product pom name SLF4J LOG4J-12 Binding High Product pom artifactid slf4j-log4j12 Highest Product pom groupid slf4j Highest Product Manifest Bundle-Name slf4j-log4j12 Medium Version Manifest Implementation-Version 1.5.10 High Version Manifest Bundle-Version 1.5.10 High Version file version 1.5.10 High Version pom version 1.5.10 Highest
slf4j-simple-2.0.0-alpha1.jarDescription:
SLF4J Simple binding File Path: C:\Users\Jeremy\.m2\repository\org\slf4j\slf4j-simple\2.0.0-alpha1\slf4j-simple-2.0.0-alpha1.jarMD5: 287ef1e3dc7ec9486b0fb81bf9419d59SHA1: d594af78d1ed5243920efdad3aac7703dd3622b6SHA256: 3b6f446dec6cb5e8a6b1c1e85d7d756cdc934fec688464cc6bd201d95cd387cfReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.slf4j Highest Vendor pom parent-groupid org.slf4j Medium Vendor pom artifactid slf4j-simple Low Vendor Manifest bundle-symbolicname slf4j.simple Medium Vendor jar package name slf4j Highest Vendor Manifest multi-release true Low Vendor pom parent-artifactid slf4j-parent Low Vendor jar package name simple Highest Vendor Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Vendor pom name SLF4J Simple Binding High Vendor pom groupid slf4j Highest Vendor file name slf4j-simple High Vendor pom url http://www.slf4j.org Highest Product pom parent-groupid org.slf4j Medium Product pom parent-artifactid slf4j-parent Medium Product Manifest bundle-symbolicname slf4j.simple Medium Product jar package name slf4j Highest Product pom url http://www.slf4j.org Medium Product Manifest multi-release true Low Product jar package name simple Highest Product Manifest bundle-requiredexecutionenvironment JavaSE-1.8 Low Product Manifest Bundle-Name slf4j-simple Medium Product pom name SLF4J Simple Binding High Product pom artifactid slf4j-simple Highest Product Manifest Implementation-Title slf4j-simple High Product pom groupid slf4j Highest Product file name slf4j-simple High Version Manifest Implementation-Version 2.0.0-alpha1 High Version pom version 2.0.0-alpha1 Highest
snappy-0.4.jarDescription:
Port of Snappy to Java License:
Apache License 2.0: http://www.apache.org/licenses/LICENSE-2.0.html File Path: C:\Users\Jeremy\.m2\repository\org\iq80\snappy\snappy\0.4\snappy-0.4.jar
MD5: f0792d1dbe7f90d8b34c7c19961e0073
SHA1: a42b2d92a89efd35bb14738000dabcac6bd07a8d
SHA256: 46a0c87d504ce9d6063e1ff6e4d20738feb49d8abf85b5071a7d18df4f11bac9
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.iq80.snappy Highest Vendor jar package name snappy Highest Vendor pom url http://github.com/dain/snappy Highest Vendor pom groupid iq80.snappy Highest Vendor jar package name iq80 Low Vendor jar package name iq80 Highest Vendor pom artifactid snappy Low Vendor file name snappy High Vendor pom name snappy High Vendor jar package name snappy Low Product jar package name snappy Highest Product pom groupid iq80.snappy Highest Product jar package name iq80 Highest Product pom url http://github.com/dain/snappy Medium Product file name snappy High Product pom artifactid snappy Highest Product pom name snappy High Product jar package name snappy Low Version file version 0.4 High Version pom version 0.4 Highest
sonar-maven-plugin-3.7.0.1746.jarDescription:
Trigger SonarQube analysis on Maven projects License:
GNU LGPL 3: http://www.gnu.org/licenses/lgpl.txt File Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\maven\sonar-maven-plugin\3.7.0.1746\sonar-maven-plugin-3.7.0.1746.jar
MD5: 0150271a1575c8e319accec22a132824
SHA1: dfc137752440e2c3f2ea6fcf14e551e62e1cfcaf
SHA256: 3c4ec86cb5ed0d2beb64cc712402fa71af432bf3d34bd815e7fe6ebea42eff35
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.sonarsource.parent Medium Vendor pom name SonarQube Scanner for Maven High Vendor pom artifactid sonar-maven-plugin Low Vendor Manifest build-time 2019-10-01T07:39:51+0000 Low Vendor pom groupid org.sonarsource.scanner.maven Highest Vendor jar package name sonarsource Highest Vendor pom url http://sonarsource.github.io/sonar-scanner-maven/ Highest Vendor Manifest implementation-build 9eb7bda51a732b7875bb1611799dd098282c38c3 Low Vendor jar package name maven Highest Vendor jar package name scanner Highest Vendor pom parent-artifactid parent Low Vendor pom groupid sonarsource.scanner.maven Highest Vendor file name sonar-maven-plugin High Product pom parent-groupid org.sonarsource.parent Medium Product pom artifactid sonar-maven-plugin Highest Product pom name SonarQube Scanner for Maven High Product Manifest build-time 2019-10-01T07:39:51+0000 Low Product jar package name sonarsource Highest Product Manifest implementation-build 9eb7bda51a732b7875bb1611799dd098282c38c3 Low Product jar package name maven Highest Product pom url http://sonarsource.github.io/sonar-scanner-maven/ Medium Product jar package name scanner Highest Product pom parent-artifactid parent Medium Product pom groupid sonarsource.scanner.maven Highest Product file name sonar-maven-plugin High Version pom parent-version 3.7.0.1746 Low Version pom version 3.7.0.1746 Highest Version Manifest version 3.7.0.1746 Medium Version file version 3.7.0.1746 High
sonar-scanner-api-2.14.0.2002.jarFile Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\api\sonar-scanner-api\2.14.0.2002\sonar-scanner-api-2.14.0.2002.jarMD5: bf7fe653193b40a1c5e6f3ae6f22caedSHA1: 9b47ebf4e5cd2bff36ea0ee398f810a6462299feSHA256: bb870c1a70bdc4dbf3231a144ed49d677a4773431fa61dc5af2ee5627234001dReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name SonarQube Scanner API High Vendor pom groupid org.sonarsource.scanner.api Highest Vendor pom parent-artifactid sonar-scanner-api-parent Low Vendor file name sonar-scanner-api High Vendor pom parent-groupid org.sonarsource.scanner.api Medium Vendor pom artifactid sonar-scanner-api Low Vendor jar package name sonarsource Highest Vendor Manifest build-time 2019-09-26T19:04:38+0000 Low Vendor Manifest implementation-build 728aa4fda2f0a0ce5bd914dd347d36948daa7efc Low Vendor jar package name api Highest Vendor jar package name scanner Highest Vendor pom groupid sonarsource.scanner.api Highest Product pom name SonarQube Scanner API High Product Manifest build-time 2019-09-26T19:04:38+0000 Low Product pom parent-artifactid sonar-scanner-api-parent Medium Product Manifest implementation-build 728aa4fda2f0a0ce5bd914dd347d36948daa7efc Low Product file name sonar-scanner-api High Product jar package name api Highest Product jar package name scanner Highest Product pom parent-groupid org.sonarsource.scanner.api Medium Product pom artifactid sonar-scanner-api Highest Product pom groupid sonarsource.scanner.api Highest Product jar package name sonarsource Highest Version pom version 2.14.0.2002 Highest Version Manifest version 2.14.0.2002 Medium Version file version 2.14.0.2002 High
Related Dependencies sonar-scanner-api-2.14.0.2002.jar: sonar-scanner-api-batch.jarFile Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\api\sonar-scanner-api\2.14.0.2002\sonar-scanner-api-2.14.0.2002.jar\sonar-scanner-api-batch.jar MD5: 490fe1e9ef6808b1584311aa5c64b49b SHA1: 0747488847ffe2dae5594a931a874ac4cc30e35b SHA256: cc763934b6345679658c2adf64413921abca45e63d9d6746149fbf1f8b297bd7 pkg:maven/org.sonarsource.scanner.api/sonar-scanner-api-batch@2.14.0.2002 sonar-scanner-api-2.14.0.2002.jar (shaded: com.eclipsesource.minimal-json:minimal-json:0.9.5)Description:
A Minimal JSON Parser and Writer License:
MIT License: http://opensource.org/licenses/MIT File Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\api\sonar-scanner-api\2.14.0.2002\sonar-scanner-api-2.14.0.2002.jar\META-INF/maven/com.eclipsesource.minimal-json/minimal-json/pom.xml
MD5: 1901cd9e62a5c9f257fabaadbf0d75b6
SHA1: 81f2de78a90792c1fbbe89a27b6099ea2e6442ff
SHA256: dadd76fcd0b605c3007b6fb60b25b645d665c23759cd9aaa9b374d8b404ee43a
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name minimal-json High Vendor pom url ralfstx/minimal-json Highest Vendor pom groupid eclipsesource.minimal-json Highest Vendor pom artifactid minimal-json Low Product pom name minimal-json High Product pom artifactid minimal-json Highest Product pom url ralfstx/minimal-json High Product pom groupid eclipsesource.minimal-json Highest Version pom version 0.9.5 Highest
sonar-scanner-api-2.14.0.2002.jar (shaded: com.squareup.okhttp3:okhttp:3.14.2)File Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\api\sonar-scanner-api\2.14.0.2002\sonar-scanner-api-2.14.0.2002.jar\META-INF/maven/com.squareup.okhttp3/okhttp/pom.xmlMD5: 86441cdb31fe026f0cb4d1db491bc2b5SHA1: dd1f51bfb544c2b82cd658fc006af1be2e79c594SHA256: 3c4be9747847a3b5eac62abbcdbe3dde40f475f0875b6f34dfe3eeddd9f487b6Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid com.squareup.okhttp3 Medium Vendor pom artifactid okhttp Low Vendor pom name OkHttp High Vendor pom parent-artifactid parent Low Vendor pom groupid squareup.okhttp3 Highest Product pom parent-groupid com.squareup.okhttp3 Medium Product pom name OkHttp High Product pom parent-artifactid parent Medium Product pom groupid squareup.okhttp3 Highest Product pom artifactid okhttp Highest Version pom version 3.14.2 Highest
Related Dependencies sonar-scanner-api-2.14.0.2002.jar (shaded: com.squareup.okhttp3:okhttp-urlconnection:3.14.2)File Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\api\sonar-scanner-api\2.14.0.2002\sonar-scanner-api-2.14.0.2002.jar\META-INF/maven/com.squareup.okhttp3/okhttp-urlconnection/pom.xml MD5: a8705cd02056296f456d13ce838cd251 SHA1: 4f55b069436bfc8639d6c0021be37ef159af656e SHA256: adfcec96acb714d9b10dbeae74a891a116caa6be09e407970bad45f461cb8d2e pkg:maven/com.squareup.okhttp3/okhttp-urlconnection@3.14.2 sonar-scanner-api-2.14.0.2002.jar (shaded: com.squareup.okio:okio:1.17.2)File Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\api\sonar-scanner-api\2.14.0.2002\sonar-scanner-api-2.14.0.2002.jar\META-INF/maven/com.squareup.okio/okio/pom.xmlMD5: 4e3f583c9c76886896daa457f83409acSHA1: abe9c87bf8b3b4e19cabc0014b76fd633fa467a5SHA256: cd57f75443ab6a714b203da51994ee64ed0e919fea81f04e4f4b5324e4bb03f0Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid okio Low Vendor pom name Okio High Vendor pom parent-groupid com.squareup.okio Medium Vendor pom groupid squareup.okio Highest Vendor pom parent-artifactid okio-parent Low Product pom parent-artifactid okio-parent Medium Product pom artifactid okio Highest Product pom name Okio High Product pom parent-groupid com.squareup.okio Medium Product pom groupid squareup.okio Highest Version pom version 1.17.2 Highest
sonar-scanner-api-2.14.0.2002.jar (shaded: org.sonarsource.scanner.api:sonar-scanner-api-batch-interface:2.14.0.2002)File Path: C:\Users\Jeremy\.m2\repository\org\sonarsource\scanner\api\sonar-scanner-api\2.14.0.2002\sonar-scanner-api-2.14.0.2002.jar\META-INF/maven/org.sonarsource.scanner.api/sonar-scanner-api-batch-interface/pom.xmlMD5: 3fdb1d4eebb7c429c7a14278e5821d2eSHA1: a2896546a6cab411adef11c801f92537fc0cf59bSHA256: b5365394e8480d7ace1d30dd3b47e07bc52e5775e6bc92b2b435559b204b3271Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-artifactid sonar-scanner-api-parent Low Vendor pom parent-groupid org.sonarsource.scanner.api Medium Vendor pom artifactid sonar-scanner-api-batch-interface Low Vendor pom name SonarQube Scanner API - Batch Interface High Vendor pom groupid sonarsource.scanner.api Highest Product pom parent-artifactid sonar-scanner-api-parent Medium Product pom parent-groupid org.sonarsource.scanner.api Medium Product pom name SonarQube Scanner API - Batch Interface High Product pom groupid sonarsource.scanner.api Highest Product pom artifactid sonar-scanner-api-batch-interface Highest Version pom version 2.14.0.2002 Highest
spotbugs-4.1.4.jarDescription:
SpotBugs: Because it's easy! License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs\4.1.4\spotbugs-4.1.4.jar
MD5: 68a0404304bbb2080c7ab8bf9109672f
SHA1: d5094294a417831b396aed86e0d2e5f1a9bf47e6
SHA256: 9407c27b324ad493479e3c2365e01444ce88db0fa86c835940c0f9ddd746f268
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name SpotBugs High Vendor file name spotbugs High Vendor pom groupid com.github.spotbugs Highest Vendor Manifest automatic-module-name com.github.spotbugs.spotbugs Medium Vendor pom groupid github.spotbugs Highest Vendor pom url https://spotbugs.github.io/ Highest Vendor pom artifactid spotbugs Low Product pom name SpotBugs High Product file name spotbugs High Product Manifest automatic-module-name com.github.spotbugs.spotbugs Medium Product pom groupid github.spotbugs Highest Product pom artifactid spotbugs Highest Product pom url https://spotbugs.github.io/ Medium Version Manifest Bundle-Version 4.1.4 High Version pom version 4.1.4 Highest Version file version 4.1.4 High
spotbugs-annotations-4.1.4.jarDescription:
Annotations the SpotBugs tool supports License:
GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-annotations\4.1.4\spotbugs-annotations-4.1.4.jar
MD5: 4eadccd0d3e60d3d51c2ab74b4d13252
SHA1: aa25ac7a3dab199133b1b49a8e79b152eeddd3a2
SHA256: f4d784f99c40cd7240cc36cd9288ff89e03b00681f282ee7cca2348e364ce0a1
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name spotbugs-annotations High Vendor pom groupid com.github.spotbugs Highest Vendor Manifest bundle-symbolicname spotbugs-annotations Medium Vendor pom groupid github.spotbugs Highest Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Vendor pom artifactid spotbugs-annotations Low Vendor pom name SpotBugs Annotations High Vendor pom url https://spotbugs.github.io/ Highest Vendor Manifest automatic-module-name com.github.spotbugs.annotations Medium Product Manifest Bundle-Name spotbugs-annotations Medium Product file name spotbugs-annotations High Product pom artifactid spotbugs-annotations Highest Product Manifest bundle-symbolicname spotbugs-annotations Medium Product pom groupid github.spotbugs Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.5 Low Product pom url https://spotbugs.github.io/ Medium Product pom name SpotBugs Annotations High Product Manifest automatic-module-name com.github.spotbugs.annotations Medium Version Manifest Bundle-Version 4.1.4 High Version pom version 4.1.4 Highest Version file version 4.1.4 High
spotbugs-maven-plugin-4.1.4.jarDescription:
This Plug-In generates reports based on the SpotBugs Library License:
Apache 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\github\spotbugs\spotbugs-maven-plugin\4.1.4\spotbugs-maven-plugin-4.1.4.jar
MD5: c8a702ddce0fa13bc8deafc24847eb88
SHA1: 1da46ab030a066559e9977fdbcb78638eae6168d
SHA256: a78cea57884c74863a3223151f642d9964c4505aaac38499d73314d99c53fb50
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom organization name Garvin Leclaire High Vendor Manifest build-tool Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f) Low Vendor jar package name spotbugs Highest Vendor pom name SpotBugs Maven Plugin High Vendor Manifest Implementation-Vendor Garvin Leclaire High Vendor pom artifactid spotbugs-maven-plugin Low Vendor pom url https://spotbugs.github.io/spotbugs-maven-plugin/ Highest Vendor Manifest git-revision b3dfcdc91065ec15a230e9a540ec4c317b32594a Low Vendor Manifest os-name Windows 10 Medium Vendor Manifest specification-vendor Garvin Leclaire Low Vendor pom parent-groupid com.github.hazendaz Medium Vendor file name spotbugs-maven-plugin High Vendor Manifest build-os Windows 10 (10.0; amd64) Low Vendor Manifest os-arch amd64 Low Vendor Manifest copyright 2020 Low Vendor Manifest build-jdk-spec 1.8 Low Vendor pom parent-artifactid base-parent Low Vendor pom organization url gleclaire Medium Vendor pom groupid com.github.spotbugs Highest Vendor Manifest build-time 2020-10-19 15:39:07 Low Vendor pom groupid github.spotbugs Highest Product pom url https://spotbugs.github.io/spotbugs-maven-plugin/ Medium Product Manifest build-tool Apache Maven 3.6.3 (cecedd343002696d0abb50b32b541b8a6ba2883f) Low Product jar package name spotbugs Highest Product pom parent-artifactid base-parent Medium Product pom name SpotBugs Maven Plugin High Product Manifest git-revision b3dfcdc91065ec15a230e9a540ec4c317b32594a Low Product Manifest os-name Windows 10 Medium Product pom parent-groupid com.github.hazendaz Medium Product file name spotbugs-maven-plugin High Product Manifest build-os Windows 10 (10.0; amd64) Low Product Manifest os-arch amd64 Low Product pom organization name Garvin Leclaire Low Product pom artifactid spotbugs-maven-plugin Highest Product Manifest copyright 2020 Low Product Manifest build-jdk-spec 1.8 Low Product Manifest build-time 2020-10-19 15:39:07 Low Product pom groupid github.spotbugs Highest Product Manifest Implementation-Title SpotBugs Maven Plugin High Product Manifest specification-title SpotBugs Maven Plugin Medium Product pom url gleclaire High Version Manifest Implementation-Version 4.1.4 High Version pom parent-version 4.1.4 Low Version pom version 4.1.4 Highest Version file version 4.1.4 High
Published Vulnerabilities CVE-2020-8472 suppress
Insufficient folder permissions used by system functions in ABB System 800xA products OPCServer for AC800M (versions 6.0 and earlier) and Control Builder M Professional, MMSServer for AC800M, Base Software for SoftControl (version 6.1 and earlier) allow low privileged users to read, modify, add and delete system and application files. An authenticated attacker who successfully exploited the vulnerabilities could escalate his/her privileges, cause system functions to stop and to corrupt user applications. CWE-732 Incorrect Permission Assignment for Critical Resource
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:L/AC:L/Au:N/C:P/I:P/A:C CVSSv3:
Base Score: HIGH (7.8) Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-8478 suppress
Insufficient protection of the inter-process communication functions in ABB System 800xA products OPC Server for AC 800M, MMS Server for AC 800M and Base Software for SoftControl (all published versions) enables an attacker authenticated on the local system to inject data, affecting the online view of runtime data shown in Control Builder. CWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVSSv2:
Base Score: LOW (2.1) Vector: /AV:L/AC:L/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: LOW (3.3) Vector: /AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N References:
Vulnerable Software & Versions: (show all )
spring-core-3.1.3.RELEASE.jarLicense:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\springframework\spring-core\3.1.3.RELEASE\spring-core-3.1.3.RELEASE.jar
MD5: fbbd71eef12ae78a24b180698459f106
SHA1: abaf69158b1f9639adfbb24b94bba190a1892f2f
SHA256: 014a7b21db680fd8867e026b18c3bf89d304dec5b21090a8b6a7b3cb5cfc77d2
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid org.springframework Highest Vendor pom parent-groupid org.springframework Medium Vendor pom parent-artifactid spring-parent Low Vendor hint analyzer vendor SpringSource Highest Vendor hint analyzer vendor vmware Highest Vendor Manifest bundle-symbolicname org.springframework.core Medium Vendor jar package name springframework Highest Vendor pom artifactid spring-core Low Vendor jar package name core Highest Vendor hint analyzer vendor pivotal software Highest Vendor file name spring-core High Vendor Manifest bundle-creator cbeams Low Vendor pom groupid springframework Highest Product pom parent-groupid org.springframework Medium Product Manifest bundle-symbolicname org.springframework.core Medium Product hint analyzer product springsource_spring_framework Highest Product Manifest Bundle-Name Spring Core Medium Product jar package name springframework Highest Product pom artifactid spring-core Highest Product jar package name core Highest Product file name spring-core High Product pom parent-artifactid spring-parent Medium Product Manifest bundle-creator cbeams Low Product Manifest Implementation-Title org.springframework.core High Product pom groupid springframework Highest Version pom version 3.1.3.RELEASE Highest Version Manifest Implementation-Version 3.1.3.RELEASE High Version Manifest Bundle-Version 3.1.3.RELEASE High
Related Dependencies spring-asm-3.1.3.RELEASE.jarFile Path: C:\Users\Jeremy\.m2\repository\org\springframework\spring-asm\3.1.3.RELEASE\spring-asm-3.1.3.RELEASE.jar MD5: 3588a8111be5a9cf08d9a03ee9cdf27a SHA1: 312ed3e9e962f66557b2276a0a1f8482d19cbfeb SHA256: cdaf1d07040e751133a24f997aca7d98eacbfe67e1b2875dce8ca73825278130 pkg:maven/org.springframework/spring-asm@3.1.3.RELEASE Published Vulnerabilities CVE-2013-4152 suppress
The Spring OXM wrapper in Spring Framework before 3.2.4 and 4.0.0.M1, when using the JAXB marshaller, does not disable entity resolution, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via an XML external entity declaration in conjunction with an entity reference in a (1) DOMSource, (2) StAXSource, (3) SAXSource, or (4) StreamSource, aka an XML External Entity (XXE) issue. CWE-264 Permissions, Privileges, and Access Controls
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2013-6429 suppress
The SourceHttpMessageConverter in Spring MVC in Spring Framework before 3.2.5 and 4.0.0.M1 through 4.0.0.RC1 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152 and CVE-2013-7315. CWE-611 Improper Restriction of XML External Entity Reference ('XXE'), CWE-352 Cross-Site Request Forgery (CSRF)
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2013-6430 suppress
The JavaScriptUtils.javaScriptEscape method in web/util/JavaScriptUtils.java in Spring MVC in Spring Framework before 3.2.2 does not properly escape certain characters, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a (1) line separator or (2) paragraph separator Unicode character or (3) left or (4) right angle bracket. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: LOW (3.5) Vector: /AV:N/AC:M/Au:S/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (5.4) Vector: /AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions:
CVE-2013-7315 suppress
The Spring MVC in Spring Framework before 3.2.4 and 4.0.0.M1 through 4.0.0.M2 does not disable external entity resolution for the StAX XMLInputFactory, which allows context-dependent attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML with JAXB, aka an XML External Entity (XXE) issue, and a different vulnerability than CVE-2013-4152. NOTE: this issue was SPLIT from CVE-2013-4152 due to different affected versions. CWE-264 Permissions, Privileges, and Access Controls
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2014-0054 suppress
The Jaxb2RootElementHttpMessageConverter in Spring MVC in Spring Framework before 3.2.8 and 4.0.0 before 4.0.2 does not disable external entity resolution, which allows remote attackers to read arbitrary files, cause a denial of service, and conduct CSRF attacks via crafted XML, aka an XML External Entity (XXE) issue. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-4152, CVE-2013-7315, and CVE-2013-6429. CWE-352 Cross-Site Request Forgery (CSRF)
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2014-0225 suppress
When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack. CWE-611 Improper Restriction of XML External Entity Reference ('XXE')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2014-1904 suppress
Cross-site scripting (XSS) vulnerability in web/servlet/tags/form/FormTag.java in Spring MVC in Spring Framework 3.0.0 before 3.2.8 and 4.0.0 before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the requested URI in a default action. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2014-3625 suppress
Directory traversal vulnerability in Pivotal Spring Framework 3.0.4 through 3.2.x before 3.2.12, 4.0.x before 4.0.8, and 4.1.x before 4.1.2 allows remote attackers to read arbitrary files via unspecified vectors, related to static resource handling. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2016-9878 suppress
An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. Paths provided to the ResourceServlet were not properly sanitized and as a result exposed to directory traversal attacks. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2018-1270 suppress
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module. A malicious user (or attacker) can craft a message to the broker that can lead to a remote code execution attack. CWE-358 Improperly Implemented Security Check for Standard
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: CRITICAL (9.8) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2018-1271 suppress
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, allow applications to configure Spring MVC to serve static resources (e.g. CSS, JS, images). When static resources are served from a file system on Windows (as opposed to the classpath, or the ServletContext), a malicious user can send a request using a specially crafted URL that can lead a directory traversal attack. CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (5.9) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2018-1272 suppress
Spring Framework, versions 5.0 prior to 5.0.5 and versions 4.3 prior to 4.3.15 and older unsupported versions, provide client-side support for multipart requests. When Spring MVC or Spring WebFlux server application (server A) receives input from a remote client, and then uses that input to make a multipart request to another server (server B), it can be exposed to an attack, where an extra multipart is inserted in the content of the request from server A, causing server B to use the wrong value for a part it expects. This could to lead privilege escalation, for example, if the part content represents a username or user roles. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (6.0) Vector: /AV:N/AC:M/Au:S/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2020-5421 suppress
In Spring Framework versions 5.2.0 - 5.2.8, 5.1.0 - 5.1.17, 5.0.0 - 5.0.18, 4.3.0 - 4.3.28, and older unsupported versions, the protections against RFD attacks from CVE-2015-5211 may be bypassed depending on the browser used through the use of a jsessionid path parameter. NVD-CWE-noinfo
CVSSv2:
Base Score: LOW (3.6) Vector: /AV:N/AC:H/Au:S/C:P/I:P/A:N CVSSv3:
Base Score: MEDIUM (6.5) Vector: /AV:N/AC:H/PR:L/UI:R/S:C/C:L/I:H/A:N References:
Vulnerable Software & Versions: (show all )
sqljet-1.1.10.jarDescription:
Pure Java Sqlite Library License:
GPL (with dual licensing option): http://www.gnu.org/licenses/gpl.html File Path: C:\Users\Jeremy\.m2\repository\org\tmatesoft\sqljet\sqljet\1.1.10\sqljet-1.1.10.jar
MD5: ae96e5611e50631c3c12c3aaf862bf35
SHA1: ede7fbabd4c96d34e48fda0e8feced24c98cedca
SHA256: df7463424e3560f5e8c8003e1816c0a6ea6e84673921ca5af05b90b0892b3c97
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name sqljet Highest Vendor pom name SqlJet Library High Vendor pom url http://www.sqljet.com/ Highest Vendor Manifest build-number r1317_v20140121_0107 Low Vendor pom groupid org.tmatesoft.sqljet Highest Vendor file name sqljet High Vendor pom groupid tmatesoft.sqljet Highest Vendor jar package name tmatesoft Highest Vendor pom artifactid sqljet Low Product jar package name sqljet Highest Product pom artifactid sqljet Highest Product pom name SqlJet Library High Product pom url http://www.sqljet.com/ Medium Product Manifest build-number r1317_v20140121_0107 Low Product file name sqljet High Product pom groupid tmatesoft.sqljet Highest Product jar package name tmatesoft Highest Version file version 1.1.10 High Version pom version 1.1.10 Highest Version Manifest build-version 1.1.10 Medium
sslext-1.2-0.jarLicense:
Apache Software License, Version 1.1: http://www.apache.org/licenses/LICENSE-1.1 File Path: C:\Users\Jeremy\.m2\repository\sslext\sslext\1.2-0\sslext-1.2-0.jar
MD5: fda7f2a2f7ac9b017a5de1a4742753fd
SHA1: c86a7db4ac0bc450e675f3d44b3d64cdc934361b
SHA256: 4ec193f85bf3c5e84be4ef79fe1e8e71493b317858735cfe062c4c54f818c312
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid sslext Low Vendor jar package name struts Low Vendor pom groupid sslext Highest Vendor jar package name apache Low Vendor pom organization name Steve Ditlinger High Vendor pom organization url http://sslext.sourceforge.net/ Medium Vendor pom name sslext High Vendor file name sslext High Product jar package name struts Low Product pom organization url http://sslext.sourceforge.net/ Low Product pom organization name Steve Ditlinger Low Product pom groupid sslext Highest Product pom artifactid sslext Highest Product pom name sslext High Product file name sslext High Version pom version 1.2-0 Highest
stax-api-1.0-2.jarDescription:
StAX is a standard XML processing API that allows you to stream XML data from and to your application.
License:
GNU General Public Library: http://www.gnu.org/licenses/gpl.txt
COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: http://www.sun.com/cddl/cddl.html File Path: C:\Users\Jeremy\.m2\repository\javax\xml\stream\stax-api\1.0-2\stax-api-1.0-2.jar
MD5: 7d18b63063580284c3f5734081fdc99f
SHA1: d6337b0de8b25e53e81b922352fbea9f9f57ba0b
SHA256: e8c70ebd76f982c9582a82ef82cf6ce14a7d58a4a4dca5cb7b7fc988c80089b7
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid javax.xml.stream Highest Vendor jar package name javax Highest Vendor pom name Streaming API for XML High Vendor file name stax-api High Vendor jar package name stream Highest Vendor pom artifactid stax-api Low Vendor jar package name javax Low Vendor jar package name xml Low Vendor jar package name stream Low Vendor jar package name xml Highest Product pom groupid javax.xml.stream Highest Product jar package name javax Highest Product pom name Streaming API for XML High Product pom artifactid stax-api Highest Product file name stax-api High Product jar package name stream Highest Product jar package name xml Low Product jar package name stream Low Product jar package name xml Highest Version pom version 1.0-2 Highest
stax-api-1.0.1.jarDescription:
StAX API is the standard java XML processing API defined by JSR-173 License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\stax\stax-api\1.0.1\stax-api-1.0.1.jar
MD5: 7d436a53c64490bee564c576babb36b4
SHA1: 49c100caf72d658aca8e58bd74a4ba90fa2b0d70
SHA256: d1968436fc216c901fb9b82c7e878b50fd1d30091676da95b2edd3a9c0ccf92e
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name stax-api High Vendor Manifest specification-vendor JCP-173 Low Vendor pom groupid stax Highest Vendor pom artifactid stax-api Low Vendor pom name StAX API High Vendor Manifest Implementation-Vendor JCP High Vendor pom url http://stax.codehaus.org/ Highest Vendor jar package name xml Highest Product pom artifactid stax-api Highest Product file name stax-api High Product Manifest specification-title StAX Medium Product pom groupid stax Highest Product pom name StAX API High Product Manifest Implementation-Title StAX 1.0 API High Product pom url http://stax.codehaus.org/ Medium Product jar package name xml Highest Version file version 1.0.1 High Version pom version 1.0.1 Highest Version Manifest Implementation-Version 1.0.1 High
stax-ex-1.8.3.jarDescription:
Extensions to JSR-173 StAX API. License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\org\jvnet\staxex\stax-ex\1.8.3\stax-ex-1.8.3.jar
MD5: f6d943e74064cc1e7986236699d6cd04
SHA1: 4d69b68ee007aa15238cd4477392068b32747df3
SHA256: bee08da10bbc481418a1af70b9e9a80321b745bfb4dbdebbe98c1aa17c45caf8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name jvnet Highest Vendor Manifest implementation-url https://projects.eclipse.org/projects/ee4j/stax-ex Low Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor file name stax-ex High Vendor Manifest bundle-symbolicname org.jvnet.staxex.stax-ex Medium Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor pom artifactid stax-ex Low Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor Manifest Implementation-Vendor-Id org.jvnet.staxex Medium Vendor pom parent-artifactid project Low Vendor pom groupid jvnet.staxex Highest Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor Manifest build-jdk-spec 11 Low Vendor pom name Extended StAX API High Vendor jar package name staxex Highest Vendor pom groupid org.jvnet.staxex Highest Vendor Manifest implementation-build-id 1.8.3 - 1.8.3-RELEASE-eb4e2c1 Low Product pom parent-artifactid project Medium Product Manifest Implementation-Title Extended StAX API High Product jar package name jvnet Highest Product Manifest Bundle-Name Extended StAX API Medium Product Manifest implementation-url https://projects.eclipse.org/projects/ee4j/stax-ex Low Product pom artifactid stax-ex Highest Product Manifest bundle-docurl https://www.eclipse.org Low Product file name stax-ex High Product Manifest bundle-symbolicname org.jvnet.staxex.stax-ex Medium Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product pom parent-groupid org.eclipse.ee4j Medium Product pom groupid jvnet.staxex Highest Product Manifest build-jdk-spec 11 Low Product pom name Extended StAX API High Product jar package name staxex Highest Product Manifest implementation-build-id 1.8.3 - 1.8.3-RELEASE-eb4e2c1 Low Version Manifest Bundle-Version 1.8.3 High Version Manifest implementation-build-id 1.8.3 Low Version Manifest Implementation-Version 1.8.3 High Version pom version 1.8.3 Highest Version file version 1.8.3 High Version pom parent-version 1.8.3 Low
stax2-api-3.1.4.jarDescription:
tax2 API is an extension to basic Stax 1.0 API that adds significant new functionality, such as full-featured bi-direction validation interface and high-performance Typed Access API.
License:
The BSD License: http://www.opensource.org/licenses/bsd-license.php File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\woodstox\stax2-api\3.1.4\stax2-api-3.1.4.jar
MD5: c08e89de601b0a78f941b2c29db565c3
SHA1: ac19014b1e6a7c08aad07fe114af792676b685b7
SHA256: 86d7c0b775a7c9b454cc6ba61d40a8eb3b99cc129f832eb9b977a3755b4b338e
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom organization url http://fasterxml.com Medium Vendor Manifest bundle-symbolicname stax2-api Medium Vendor jar package name codehaus Highest Vendor pom groupid org.codehaus.woodstox Highest Vendor jar package name stax2 Highest Vendor pom url http://wiki.fasterxml.com/WoodstoxStax2 Highest Vendor pom organization name fasterxml.com High Vendor pom artifactid stax2-api Low Vendor jar package name typed Highest Vendor pom name Stax2 API High Vendor jar package name validation Highest Vendor file name stax2-api High Vendor Manifest bundle-docurl http://fasterxml.com Low Vendor pom groupid codehaus.woodstox Highest Product Manifest bundle-symbolicname stax2-api Medium Product pom organization name fasterxml.com Low Product jar package name codehaus Highest Product jar package name stax2 Highest Product Manifest Bundle-Name Stax2 API Medium Product pom artifactid stax2-api Highest Product pom organization url http://fasterxml.com Low Product jar package name typed Highest Product jar package name validation Highest Product pom name Stax2 API High Product file name stax2-api High Product Manifest bundle-docurl http://fasterxml.com Low Product pom groupid codehaus.woodstox Highest Product pom url http://wiki.fasterxml.com/WoodstoxStax2 Medium Version Manifest Bundle-Version 3.1.4 High Version file version 3.1.4 High Version pom version 3.1.4 Highest
streambuffer-1.5.9.jarDescription:
Stream based representation for XML infoset License:
Eclipse Distribution License - v 1.0: http://www.eclipse.org/org/documents/edl-v10.php File Path: C:\Users\Jeremy\.m2\repository\com\sun\xml\stream\buffer\streambuffer\1.5.9\streambuffer-1.5.9.jar
MD5: 464f9f795f36e55cd9e298d8921f2418
SHA1: 733a10be51d993b85a3c2219cce1d478a9690d61
SHA256: 3f668190b4c32991352d9ea316f9908e2673338a27a5bc8c7d78036fabcfb2a8
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name stream Highest Vendor jar package name buffer Highest Vendor Manifest implementation-url https://github.com/eclipse-ee4j/metro-xmlstreambuffer Low Vendor Manifest Implementation-Vendor-Id com.sun.xml.stream.buffer Medium Vendor Manifest bundle-docurl https://www.eclipse.org Low Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Vendor jar package name sun Highest Vendor Manifest bundle-symbolicname com.sun.xml.stream.buffer.streambuffer Medium Vendor pom parent-groupid org.eclipse.ee4j Medium Vendor jar package name xml Highest Vendor pom parent-artifactid project Low Vendor pom url eclipse-ee4j/metro-xmlstreambuffer Highest Vendor pom artifactid streambuffer Low Vendor Manifest implementation-build-id 1.5.9 - 1.5.9-RELEASE-26104c6 Low Vendor pom groupid sun.xml.stream.buffer Highest Vendor Manifest Implementation-Vendor Eclipse Foundation High Vendor pom groupid com.sun.xml.stream.buffer Highest Vendor file name streambuffer High Vendor pom name xmlstreambuffer High Vendor jar (hint) package name oracle Highest Vendor Manifest build-jdk-spec 11 Low Product pom parent-artifactid project Medium Product Manifest Bundle-Name xmlstreambuffer Medium Product jar package name stream Highest Product jar package name buffer Highest Product Manifest implementation-url https://github.com/eclipse-ee4j/metro-xmlstreambuffer Low Product Manifest bundle-docurl https://www.eclipse.org Low Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.8))" Low Product Manifest Implementation-Title xmlstreambuffer High Product jar package name sun Highest Product pom artifactid streambuffer Highest Product Manifest bundle-symbolicname com.sun.xml.stream.buffer.streambuffer Medium Product pom parent-groupid org.eclipse.ee4j Medium Product jar package name xml Highest Product Manifest implementation-build-id 1.5.9 - 1.5.9-RELEASE-26104c6 Low Product pom groupid sun.xml.stream.buffer Highest Product file name streambuffer High Product pom name xmlstreambuffer High Product Manifest build-jdk-spec 11 Low Product pom url eclipse-ee4j/metro-xmlstreambuffer High Version pom version 1.5.9 Highest Version Manifest Bundle-Version 1.5.9 High Version Manifest Implementation-Version 1.5.9 High Version pom parent-version 1.5.9 Low Version file version 1.5.9 High Version Manifest implementation-build-id 1.5.9 Low
struts-core-1.3.8.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\struts\struts-core\1.3.8\struts-core-1.3.8.jarMD5: 868de456b4d4331d6dcc4e8d3bee884eSHA1: 66178d4a9279ebb1cd1eb79c10dc204b4199f061SHA256: a7881710517dd6a50fa81c04d494e1493ad326bcc1adf2eb9493e5eb9ca9e077Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.struts Medium Vendor pom groupid org.apache.struts Highest Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest specification-vendor Apache Software Foundation Low Vendor pom name Struts Core High Vendor pom parent-artifactid struts-parent Low Vendor pom url http://struts.apache.org Highest Vendor file name struts-core High Vendor jar package name struts Highest Vendor jar package name apache Highest Vendor pom artifactid struts-core Low Vendor Manifest Implementation-Vendor-Id org.apache.struts Medium Vendor pom groupid apache.struts Highest Product pom parent-groupid org.apache.struts Medium Product jar package name apache Highest Product pom url http://struts.apache.org Medium Product pom name Struts Core High Product pom parent-artifactid struts-parent Medium Product pom artifactid struts-core Highest Product pom groupid apache.struts Highest Product file name struts-core High Product Manifest specification-title Struts Core Medium Product jar package name struts Highest Product Manifest Implementation-Title Struts Core High Version pom version 1.3.8 Highest Version file version 1.3.8 High Version Manifest Implementation-Version 1.3.8 High
Published Vulnerabilities CVE-2011-5057 (OSSINDEX) suppress
Apache Struts 2.3.1.1 and earlier provides interfaces that do not properly restrict access to collections such as the session and request collections, which might allow remote attackers to modify run-time data values via a crafted parameter to an application that implements an affected interface, as demonstrated by the SessionAware, RequestAware, ApplicationAware, ServletRequestAware, ServletResponseAware, and ParameterAware interfaces. NOTE: the vendor disputes the significance of this report because of an "easy work-around in existing apps by configuring the interceptor." CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2012-0391 (OSSINDEX) suppress
The ExceptionDelegator component in Apache Struts before 2.2.3.1 interprets parameter values as OGNL expressions during certain exception handling for mismatched data types of properties, which allows remote attackers to execute arbitrary Java code via a crafted parameter. CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2012-0392 (OSSINDEX) suppress
The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method. CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2012-0393 (OSSINDEX) suppress
The ParameterInterceptor component in Apache Struts before 2.3.1.1 does not prevent access to public constructors, which allows remote attackers to create or overwrite arbitrary files via a crafted parameter that triggers the creation of a Java object. CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:P References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2012-0394 suppress
** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself." CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2012-0838 (OSSINDEX) suppress
Apache Struts 2 before 2.2.3.1 evaluates a string as an OGNL expression during the handling of a conversion error, which allows remote attackers to modify run-time data values, and consequently execute arbitrary code, via invalid input to a field. CVSSv2:
Base Score: HIGH (10.0) Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2013-1965 (OSSINDEX) suppress
Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.1, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect. CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2013-1966 (OSSINDEX) suppress
Apache Struts 2 before 2.3.14.1 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2013-2115 (OSSINDEX) suppress
Apache Struts 2 before 2.3.14.2 allows remote attackers to execute arbitrary OGNL code via a crafted request that is not properly handled when using the includeParams attribute in the (1) URL or (2) A tag. NOTE: this issue is due to an incomplete fix for CVE-2013-1966. CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2013-2134 (OSSINDEX) suppress
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted action name that is not properly handled during wildcard matching, a different vulnerability than CVE-2013-2135. CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2013-2135 (OSSINDEX) suppress
Apache Struts 2 before 2.3.14.3 allows remote attackers to execute arbitrary OGNL code via a request with a crafted value that contains both "${}" and "%{}" sequences, which causes the OGNL code to be evaluated twice. CVSSv2:
Base Score: HIGH (9.3) Vector: /AV:N/AC:M/Au:N/C:C/I:C/A:C References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2014-0094 (OSSINDEX) suppress
The ParametersInterceptor in Apache Struts before 2.3.16.1 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method. CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2014-0113 (OSSINDEX) suppress
CookieInterceptor in Apache Struts before 2.3.16.2, when a wildcard cookiesName value is used, does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via a crafted request. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-0094. CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2014-0114 suppress
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1. CWE-20 Improper Input Validation
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2015-0899 suppress
The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2015-2992 suppress
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions:
CVE-2016-0785 (OSSINDEX) suppress
Apache Struts 2.x before 2.3.28 allows remote attackers to execute arbitrary code via a "%{}" sequence in a tag attribute, aka forced double OGNL evaluation. CVSSv3:
Base Score: HIGH (8.8) Vector: /AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* CVE-2016-1181 suppress
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2016-1182 suppress
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (8.2) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2016-4003 (OSSINDEX) suppress
Cross-site scripting (XSS) vulnerability in the URLDecoder function in JRE before 1.8, as used in Apache Struts 2.x before 2.3.28, when using a single byte page encoding, allows remote attackers to inject arbitrary web script or HTML via multi-byte characters in a url-encoded parameter. CVSSv3:
Base Score: MEDIUM (6.1) Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions (OSSINDEX):
cpe:2.3:a:org.apache.struts:struts-core:1.3.8:*:*:*:*:*:*:* struts-taglib-1.3.8.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\struts\struts-taglib\1.3.8\struts-taglib-1.3.8.jarMD5: 0effb2e71f676c25d76c3ae5dd6674f9SHA1: e87e9817bdf03c2367fb5f6d5ead953db2df4c21SHA256: 0b54adf308e50d8fdb82066b058bfa57ee244d1cdcf4bf7b6c12fb11d91f44a5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.struts Medium Vendor pom groupid org.apache.struts Highest Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor file name struts-taglib High Vendor Manifest specification-vendor Apache Software Foundation Low Vendor pom parent-artifactid struts-parent Low Vendor jar package name taglib Highest Vendor pom url http://struts.apache.org Highest Vendor pom artifactid struts-taglib Low Vendor jar package name struts Highest Vendor jar package name apache Highest Vendor Manifest Implementation-Vendor-Id org.apache.struts Medium Vendor pom groupid apache.struts Highest Vendor pom name Struts Taglib High Product pom artifactid struts-taglib Highest Product Manifest specification-title Struts Taglib Medium Product Manifest Implementation-Title Struts Taglib High Product pom parent-groupid org.apache.struts Medium Product pom url http://struts.apache.org Medium Product file name struts-taglib High Product jar package name taglib Highest Product jar package name struts Highest Product jar package name apache Highest Product pom parent-artifactid struts-parent Medium Product pom groupid apache.struts Highest Product pom name Struts Taglib High Version pom version 1.3.8 Highest Version file version 1.3.8 High Version Manifest Implementation-Version 1.3.8 High
Published Vulnerabilities CVE-2012-0394 suppress
** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself." CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2014-0114 suppress
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1. CWE-20 Improper Input Validation
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2015-0899 suppress
The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2015-2992 suppress
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions:
CVE-2016-1181 suppress
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2016-1182 suppress
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (8.2) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H References:
Vulnerable Software & Versions: (show all )
struts-tiles-1.3.8.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\struts\struts-tiles\1.3.8\struts-tiles-1.3.8.jarMD5: f41992ab2729b1cb9c6b4721465aa4e4SHA1: 6d212f8ea5d908bc9906e669428b7694dff60785SHA256: 3d66e61734b2ddad6e4b34aaa2382480ad6061e59e5e178e346cc275c0429e57Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.struts Medium Vendor pom groupid org.apache.struts Highest Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest specification-vendor Apache Software Foundation Low Vendor file name struts-tiles High Vendor pom parent-artifactid struts-parent Low Vendor pom url http://struts.apache.org Highest Vendor jar package name struts Highest Vendor jar package name apache Highest Vendor pom name Struts Tiles High Vendor Manifest Implementation-Vendor-Id org.apache.struts Medium Vendor jar package name tiles Highest Vendor pom groupid apache.struts Highest Vendor pom artifactid struts-tiles Low Product pom parent-groupid org.apache.struts Medium Product pom url http://struts.apache.org Medium Product pom artifactid struts-tiles Highest Product file name struts-tiles High Product Manifest Implementation-Title Struts Tiles High Product jar package name struts Highest Product jar package name apache Highest Product pom name Struts Tiles High Product jar package name tiles Highest Product pom parent-artifactid struts-parent Medium Product pom groupid apache.struts Highest Product Manifest specification-title Struts Tiles Medium Version pom version 1.3.8 Highest Version file version 1.3.8 High Version Manifest Implementation-Version 1.3.8 High
Published Vulnerabilities CVE-2012-0394 suppress
** DISPUTED ** The DebuggingInterceptor component in Apache Struts before 2.3.1.1, when developer mode is used, allows remote attackers to execute arbitrary commands via unspecified vectors. NOTE: the vendor characterizes this behavior as not "a security vulnerability itself." CWE-94 Improper Control of Generation of Code ('Code Injection')
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2014-0114 suppress
Apache Commons BeanUtils, as distributed in lib/commons-beanutils-1.8.0.jar in Apache Struts 1.x through 1.3.10 and in other products requiring commons-beanutils through 1.9.2, does not suppress the class property, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary code via the class parameter, as demonstrated by the passing of this parameter to the getClass method of the ActionForm object in Struts 1. CWE-20 Improper Input Validation
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
CVE-2015-0899 suppress
The MultiPageValidator implementation in Apache Struts 1 1.1 through 1.3.10 allows remote attackers to bypass intended access restrictions via a modified page parameter. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (5.0) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N References:
Vulnerable Software & Versions: (show all )
CVE-2015-2992 suppress
Apache Struts before 2.3.20 has a cross-site scripting (XSS) vulnerability. CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVSSv2:
Base Score: MEDIUM (4.3) Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:N CVSSv3:
Base Score: MEDIUM (6.1) Vector: /AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N References:
Vulnerable Software & Versions:
CVE-2016-1181 suppress
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 mishandles multithreaded access to an ActionForm instance, which allows remote attackers to execute arbitrary code or cause a denial of service (unexpected memory access) via a multipart request, a related issue to CVE-2015-0899. NVD-CWE-noinfo
CVSSv2:
Base Score: MEDIUM (6.8) Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P CVSSv3:
Base Score: HIGH (8.1) Vector: /AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H References:
Vulnerable Software & Versions: (show all )
CVE-2016-1182 suppress
ActionServlet.java in Apache Struts 1 1.x through 1.3.10 does not properly restrict the Validator configuration, which allows remote attackers to conduct cross-site scripting (XSS) attacks or cause a denial of service via crafted input, a related issue to CVE-2015-0899. CWE-20 Improper Input Validation
CVSSv2:
Base Score: MEDIUM (6.4) Vector: /AV:N/AC:L/Au:N/C:N/I:N/A:P CVSSv3:
Base Score: HIGH (8.2) Vector: /AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H References:
Vulnerable Software & Versions: (show all )
surefire-api-3.0.0-M5.jarDescription:
API used in Surefire and Failsafe MOJO, Booter, Common and test framework providers. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-api\3.0.0-M5\surefire-api-3.0.0-M5.jarMD5: 153646d7a01d6b05e8d59a56df2a035aSHA1: c69fa3ed456fdd268b822dfa8a565df5f56a992dSHA256: f963823ad9c422b26ece431704b0de740c925ab4bfde6a34098d48056eb53594Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name surefire-api High Vendor pom artifactid surefire-api Low Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor pom groupid apache.maven.surefire Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor pom name SureFire API High Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name api Highest Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Product pom artifactid surefire-api Highest Product file name surefire-api High Product Manifest specification-title SureFire API Medium Product Manifest Implementation-Title SureFire API High Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product pom name SureFire API High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product jar package name api Highest Product jar package name surefire Highest Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
surefire-booter-3.0.0-M5.jarDescription:
API and Facilities used by forked tests running in JVM sub-process. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-booter\3.0.0-M5\surefire-booter-3.0.0-M5.jarMD5: b0678d79c1820432a1d422c3202a8800SHA1: 4572c9020eeeda85192673c5bd9aab48705c1354SHA256: 1078a430b772a69e2736770cf0d76bcd2533c33157261f185de013d69f0585c9Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name surefire-booter High Vendor jar package name booter Highest Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor pom artifactid surefire-booter Low Vendor pom groupid apache.maven.surefire Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom name SureFire Booter High Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Product Manifest specification-title SureFire Booter Medium Product file name surefire-booter High Product Manifest Implementation-Title SureFire Booter High Product jar package name booter Highest Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product pom name SureFire Booter High Product jar package name surefire Highest Product pom artifactid surefire-booter Highest Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
surefire-extensions-api-3.0.0-M5.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-extensions-api\3.0.0-M5\surefire-extensions-api-3.0.0-M5.jarMD5: 098e1d47d2a1bc836949f3f0cf4e6296SHA1: 989facf815c0b3a5045fea2abfab015786007d7cSHA256: 9ffd2515eee4a071f2cf4883748db98645fc9f5952774cd8846ac506c6bbe0b2Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid surefire-extensions-api Low Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor file name surefire-extensions-api High Vendor pom groupid apache.maven.surefire Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name extensions Highest Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Vendor pom name Surefire Extensions API High Product pom artifactid surefire-extensions-api Highest Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product file name surefire-extensions-api High Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product Manifest Implementation-Title Surefire Extensions API High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product Manifest specification-title Surefire Extensions API Medium Product jar package name extensions Highest Product jar package name surefire Highest Product pom name Surefire Extensions API High Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
surefire-extensions-spi-3.0.0-M5.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-extensions-spi\3.0.0-M5\surefire-extensions-spi-3.0.0-M5.jarMD5: 461d1d83a057d1111abfb7173994707dSHA1: 759dde400d25c9879677cb85aa45da3b8add830bSHA256: 1309a1c4a68e90d1abcdb2355ca3124d238cd07f1f4d5ad29ea7671fc4df47bbReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Surefire Extensions SPI High Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor pom groupid apache.maven.surefire Highest Vendor jar package name spi Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom artifactid surefire-extensions-spi Low Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Vendor file name surefire-extensions-spi High Product Manifest Implementation-Title Surefire Extensions SPI High Product Manifest specification-title Surefire Extensions SPI Medium Product pom parent-artifactid surefire Medium Product pom name Surefire Extensions SPI High Product pom parent-groupid org.apache.maven.surefire Medium Product jar package name spi Highest Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product pom artifactid surefire-extensions-spi Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product jar package name surefire Highest Product file name surefire-extensions-spi High Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
surefire-logger-api-3.0.0-M5.jarDescription:
Interfaces and Utilities related only to internal SureFire Logger API. Free of dependencies.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-logger-api\3.0.0-M5\surefire-logger-api-3.0.0-M5.jarMD5: e070e8ce3d0eca0942a5afec97cb194bSHA1: 2cb77a5d3bfc2036addb68faf1b135edd28a4f37SHA256: 739627f1ecb7b2253e5900c01d7c734187707034978a8aa35f6758abc0dc76f8Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor file name surefire-logger-api High Vendor pom artifactid surefire-logger-api Low Vendor pom groupid apache.maven.surefire Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Vendor pom name SureFire Logger API High Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product file name surefire-logger-api High Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product Manifest Implementation-Title SureFire Logger API High Product Manifest specification-title SureFire Logger API Medium Product pom artifactid surefire-logger-api Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product jar package name surefire Highest Product pom name SureFire Logger API High Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
surefire-report-parser-3.0.0-M5.jarDescription:
Parses report output files from surefire. File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-report-parser\3.0.0-M5\surefire-report-parser-3.0.0-M5.jarMD5: 5b190f40b9d42f24c5b58259a9fc0630SHA1: 759d3fe71881d41a514cee4e08f4f4af218ec856SHA256: a3563f2b909aaa0fc022b28272d51cf9efa9ee7dfdf5216fc0f60d24a16986eeReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid surefire-report-parser Low Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor file name surefire-report-parser High Vendor pom groupid apache.maven.surefire Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor pom parent-artifactid surefire Low Vendor pom name Surefire Report Parser High Vendor jar package name surefire Highest Product pom artifactid surefire-report-parser Highest Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product file name surefire-report-parser High Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product Manifest Implementation-Title Surefire Report Parser High Product Manifest build-jdk-spec 1.8 Low Product jar package name maven Highest Product Manifest specification-title Surefire Report Parser Medium Product pom name Surefire Report Parser High Product jar package name surefire Highest Version pom version 3.0.0-M5 Highest Version Manifest Implementation-Version 3.0.0-M5 High
surefire-shared-utils-3.0.0-M4.jarDescription:
Relocated Java packages of maven-shared-utils in Surefire License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-shared-utils\3.0.0-M4\surefire-shared-utils-3.0.0-M4.jar
MD5: 43eee401353ad58060270847d62c66f1
SHA1: 1116f5a4cce706f2c2c39a52365971ac13181ea4
SHA256: 90574246a32a6d6d85e484bf075eb47bd5344581dc8496128b67527d2d28cd0d
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest Implementation-Vendor-Id org.apache.maven.surefire Medium Vendor pom artifactid surefire-shared-utils Low Vendor pom parent-groupid org.apache.maven.surefire Medium Vendor pom name Surefire Shared Utils High Vendor pom groupid apache.maven.surefire Highest Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom groupid org.apache.maven.surefire Highest Vendor jar package name maven Highest Vendor Manifest implementation-url https://maven.apache.org/surefire/surefire-shared-utils/ Low Vendor jar package name shared Highest Vendor pom parent-artifactid surefire Low Vendor jar package name surefire Highest Vendor file name surefire-shared-utils High Product pom parent-artifactid surefire Medium Product pom parent-groupid org.apache.maven.surefire Medium Product pom name Surefire Shared Utils High Product pom groupid apache.maven.surefire Highest Product jar package name apache Highest Product Manifest Implementation-Title Surefire Shared Utils High Product Manifest specification-title Surefire Shared Utils Medium Product Manifest implementation-url https://maven.apache.org/surefire/surefire-shared-utils/ Low Product jar package name maven Highest Product pom artifactid surefire-shared-utils Highest Product jar package name shared Highest Product jar package name surefire Highest Product file name surefire-shared-utils High Version pom version 3.0.0-M4 Highest Version Manifest Implementation-Version 3.0.0-M4 High
surefire-shared-utils-3.0.0-M4.jar (shaded: commons-codec:commons-codec:1.11)Description:
The Apache Commons Codec package contains simple encoder and decoders for
various formats such as Base64 and Hexadecimal. In addition to these
widely used encoders and decoders, the codec package also maintains a
collection of phonetic encoding utilities.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-shared-utils\3.0.0-M4\surefire-shared-utils-3.0.0-M4.jar\META-INF/maven/commons-codec/commons-codec/pom.xmlMD5: 9a239bab862f7252e68c5180e43bfaa4SHA1: 093ee1760aba62d6896d578bd7d247d0fa52f0e7SHA256: c1e7140d1dea8fdf3528bc1e3c5444ac0b541297311f45f9806c213ec3ee9a10Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid commons-codec Highest Vendor pom name Apache Commons Codec High Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom artifactid commons-codec Low Vendor pom url http://commons.apache.org/proper/commons-codec/ Highest Product pom groupid commons-codec Highest Product pom parent-artifactid commons-parent Medium Product pom name Apache Commons Codec High Product pom artifactid commons-codec Highest Product pom parent-groupid org.apache.commons Medium Product pom url http://commons.apache.org/proper/commons-codec/ Medium Version pom version 1.11 Highest Version pom parent-version 1.11 Low
surefire-shared-utils-3.0.0-M4.jar (shaded: commons-io:commons-io:2.6)Description:
The Apache Commons IO library contains utility classes, stream implementations, file filters,
file comparators, endian transformation classes, and much more.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-shared-utils\3.0.0-M4\surefire-shared-utils-3.0.0-M4.jar\META-INF/maven/commons-io/commons-io/pom.xmlMD5: 142e515fa628cd8379aaac94ab237a8cSHA1: 5060835593e5b6ed18c82fc2e782f0a3c30a00b1SHA256: 0c23863893a2291f5a7afdbd8d15923b3948afd87e563fa341cdcf6eae338a60Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://commons.apache.org/proper/commons-io/ Highest Vendor pom parent-artifactid commons-parent Low Vendor pom groupid commons-io Highest Vendor pom parent-groupid org.apache.commons Medium Vendor pom artifactid commons-io Low Vendor pom name Apache Commons IO High Product pom parent-artifactid commons-parent Medium Product pom groupid commons-io Highest Product pom parent-groupid org.apache.commons Medium Product pom name Apache Commons IO High Product pom url http://commons.apache.org/proper/commons-io/ Medium Product pom artifactid commons-io Highest Version pom parent-version 2.6 Low Version pom version 2.6 Highest
surefire-shared-utils-3.0.0-M4.jar (shaded: org.apache.commons:commons-lang3:3.8.1)Description:
Apache Commons Lang, a package of Java utility classes for the
classes that are in java.lang's hierarchy, or are considered to be so
standard as to justify existence in java.lang.
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-shared-utils\3.0.0-M4\surefire-shared-utils-3.0.0-M4.jar\META-INF/maven/org.apache.commons/commons-lang3/pom.xmlMD5: 6087c3874f837cc29aec94bf7551ff3aSHA1: 59092f9d06947b986318dfbe297312e08379b0aeSHA256: ec8e09f75411685205bd0d9d7872cc3622e67c76df44a0a227b278bea04458d5Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid commons-lang3 Low Vendor pom parent-artifactid commons-parent Low Vendor pom parent-groupid org.apache.commons Medium Vendor pom groupid apache.commons Highest Vendor pom url http://commons.apache.org/proper/commons-lang/ Highest Vendor pom name Apache Commons Lang High Product pom parent-artifactid commons-parent Medium Product pom url http://commons.apache.org/proper/commons-lang/ Medium Product pom parent-groupid org.apache.commons Medium Product pom groupid apache.commons Highest Product pom artifactid commons-lang3 Highest Product pom name Apache Commons Lang High Version pom parent-version 3.8.1 Low Version pom version 3.8.1 Highest
surefire-shared-utils-3.0.0-M4.jar (shaded: org.apache.maven.shared:maven-shared-utils:3.1.0)Description:
Shared utils without any further dependencies File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\surefire\surefire-shared-utils\3.0.0-M4\surefire-shared-utils-3.0.0-M4.jar\META-INF/maven/org.apache.maven.shared/maven-shared-utils/pom.xmlMD5: a35e9435ff00e482e87bf1f837b909dcSHA1: 96d533d4ae5c8ae5abe3f2e04fea554e2b03fd99SHA256: 68f9fdef85d2c89f53c63cbc559920e0115bd30eb6f7076c9854931d3829027bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom name Apache Maven Shared Utils High Vendor pom parent-groupid org.apache.maven.shared Medium Vendor pom artifactid maven-shared-utils Low Vendor pom groupid apache.maven.shared Highest Vendor pom parent-artifactid maven-shared-components Low Product pom parent-artifactid maven-shared-components Medium Product pom name Apache Maven Shared Utils High Product pom parent-groupid org.apache.maven.shared Medium Product pom groupid apache.maven.shared Highest Product pom artifactid maven-shared-utils Highest Version pom parent-version 3.1.0 Low Version pom version 3.1.0 Highest
svnkit-1.8.5.jarDescription:
Pure Java Subversion Library License:
TMate Open Source License (with dual licensing option): http://www.svnkit.com/license.html File Path: C:\Users\Jeremy\.m2\repository\org\tmatesoft\svnkit\svnkit\1.8.5\svnkit-1.8.5.jar
MD5: 033347fda10a9062b8d2995bed2dfd68
SHA1: a9600329d7e6271ab8ab7eb769c4df5adcdf503c
SHA256: dc41f05e95142c673ca693232010b4d3ce01714a27b6369d3d1fa6f1ef808950
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest build-number r10237_v20140319_1934 Low Vendor pom groupid tmatesoft.svnkit Highest Vendor pom url http://www.svnkit.com/ Highest Vendor pom artifactid svnkit Low Vendor file name svnkit High Vendor jar package name tmatesoft Highest Vendor pom name SVNKit Library High Vendor pom groupid org.tmatesoft.svnkit Highest Product Manifest build-number r10237_v20140319_1934 Low Product pom groupid tmatesoft.svnkit Highest Product pom url http://www.svnkit.com/ Medium Product file name svnkit High Product pom artifactid svnkit Highest Product jar package name tmatesoft Highest Product pom name SVNKit Library High Version pom version 1.8.5 Highest Version Manifest build-version 1.8.5 Medium Version file version 1.8.5 High
svnkit-1.8.5.jar: template.jarFile Path: C:\Users\Jeremy\.m2\repository\org\tmatesoft\svnkit\svnkit\1.8.5\svnkit-1.8.5.jar\org\tmatesoft\svn\core\io\repository\template.jarMD5: 7c709f1f7bc761ef0a10b0d51c0cfb7cSHA1: 2b270a4f68980879cb48d0298ce543067821f390SHA256: 41db3abf1803722a0c224f46966817b692e557c511fa92477146bb00ed98af90Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name template High Product file name template High
taglist-maven-plugin-2.4.jarDescription:
Produce a tag list report. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\taglist-maven-plugin\2.4\taglist-maven-plugin-2.4.jar
MD5: 7b17a15db799ff9b6eec475174336086
SHA1: 1bff1ec23266b304b55f1a985711ca732465d0fb
SHA256: 574890e1c9f4d98ac2d040d12d4dcf3b6d641243349f155283ef24ac6c815670
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name mojo Low Vendor jar package name taglist Highest Vendor pom name Taglist Maven Plugin High Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor jar package name taglist Low Vendor file name taglist-maven-plugin High Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor pom groupid codehaus.mojo Highest Vendor pom artifactid taglist-maven-plugin Low Vendor pom parent-artifactid mojo-parent Low Vendor jar package name codehaus Low Product pom groupid codehaus.mojo Highest Product jar package name mojo Low Product jar package name taglist Highest Product pom name Taglist Maven Plugin High Product pom parent-artifactid mojo-parent Medium Product pom artifactid taglist-maven-plugin Highest Product jar package name mojo Highest Product jar package name codehaus Highest Product jar package name taglist Low Product file name taglist-maven-plugin High Product pom parent-groupid org.codehaus.mojo Medium Version pom parent-version 2.4 Low Version pom version 2.4 Highest Version file version 2.4 High
tidy-maven-plugin-1.1.0.jarDescription:
Tidy Plugin for Maven. The Tidy plugin provides goals for tidying up
your source code.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\tidy-maven-plugin\1.1.0\tidy-maven-plugin-1.1.0.jar
MD5: 9b272f61409c7cf39a151507f8fd7cf1
SHA1: 3e6954b3b827a0c40f2320835b2adb6f2649b283
SHA256: b6c8616caa0474a55fc4e4505f01bd1a4d7b97f983e1efc88707ad90ba293adb
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name tidy Low Vendor jar package name mojo Low Vendor file name tidy-maven-plugin High Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor jar package name tidy Highest Vendor pom name Tidy Maven Plugin High Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor pom groupid codehaus.mojo Highest Vendor pom parent-artifactid mojo-parent Low Vendor pom url http://www.mojohaus.org/tidy-maven-plugin/ Highest Vendor jar package name codehaus Low Vendor pom artifactid tidy-maven-plugin Low Product jar package name tidy Low Product jar package name task Low Product jar package name mojo Low Product file name tidy-maven-plugin High Product pom parent-artifactid mojo-parent Medium Product jar package name mojo Highest Product jar package name codehaus Highest Product jar package name tidy Highest Product pom url http://www.mojohaus.org/tidy-maven-plugin/ Medium Product pom artifactid tidy-maven-plugin Highest Product pom name Tidy Maven Plugin High Product pom parent-groupid org.codehaus.mojo Medium Product pom groupid codehaus.mojo Highest Version file version 1.1.0 High Version pom version 1.1.0 Highest Version pom parent-version 1.1.0 Low
trilead-ssh2-1.0.0-build217.jarDescription:
Java SSH2 Library License:
Trilead Library License: http://www.svnkit.com/TRILEAD-LICENSE.txt File Path: C:\Users\Jeremy\.m2\repository\com\trilead\trilead-ssh2\1.0.0-build217\trilead-ssh2-1.0.0-build217.jar
MD5: e366f6cde4d48d3853588920795d72ae
SHA1: bd26b6a96923d5112cd20f821a16b589742ce1aa
SHA256: 1e6cac3e3b9b6bd8d34ac44ec12b755cd92a96b58ef62dacfcac27d9eab8ee90
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest build-number r155_v20130603_1628 Low Vendor file name trilead-ssh2 High Vendor pom artifactid trilead-ssh2 Low Vendor pom name Trilead SSH2 Library High Vendor pom url http://svn.svnkit.com/repos/3rdparty/com.trilead.ssh2 Highest Vendor jar package name ssh2 Highest Vendor jar package name trilead Highest Vendor pom groupid com.trilead Highest Vendor pom groupid trilead Highest Product Manifest build-number r155_v20130603_1628 Low Product pom url http://svn.svnkit.com/repos/3rdparty/com.trilead.ssh2 Medium Product file name trilead-ssh2 High Product pom name Trilead SSH2 Library High Product jar package name ssh2 Highest Product jar package name trilead Highest Product pom groupid trilead Highest Product pom artifactid trilead-ssh2 Highest Version pom version 1.0.0-build217 Highest Version Manifest build-version 1.0.0-build217 Medium
velocity-1.7.jarDescription:
Apache Velocity is a general purpose template engine. File Path: C:\Users\Jeremy\.m2\repository\org\apache\velocity\velocity\1.7\velocity-1.7.jarMD5: 3692dd72f8367cb35fb6280dc2916725SHA1: 2ceb567b8f3f21118ecdec129fe1271dbc09aa7aSHA256: ec92dae810034f4b46dbb16ef4364a4013b0efb24a8c5dd67435cae46a290d8eReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name velocity Highest Vendor file name velocity High Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor Manifest specification-vendor Apache Software Foundation Low Vendor pom url http://velocity.apache.org/engine/devel/ Highest Vendor Manifest extension-name velocity Medium Vendor jar package name template Highest Vendor jar package name apache Highest Vendor pom name Apache Velocity High Vendor pom parent-artifactid apache Low Vendor pom parent-groupid org.apache Medium Vendor pom groupid apache.velocity Highest Vendor pom artifactid velocity Low Vendor Manifest bundle-symbolicname org.apache.velocity Medium Vendor pom groupid org.apache.velocity Highest Product jar package name velocity Highest Product file name velocity High Product pom parent-artifactid apache Medium Product pom artifactid velocity Highest Product Manifest Bundle-Name Apache Velocity Medium Product Manifest specification-title Velocity is a Java-based template engine Medium Product Manifest extension-name velocity Medium Product jar package name template Highest Product jar package name apache Highest Product Manifest Implementation-Title org.apache.velocity High Product pom name Apache Velocity High Product pom parent-groupid org.apache Medium Product pom groupid apache.velocity Highest Product Manifest bundle-symbolicname org.apache.velocity Medium Product pom url http://velocity.apache.org/engine/devel/ Medium Version pom parent-version 1.7 Low Version pom version 1.7 Highest Version file version 1.7 High Version Manifest Implementation-Version 1.7 High Version Manifest Bundle-Version 1.7 High
velocity-tools-2.0.jarDescription:
VelocityTools is an integrated collection of Velocity subprojects
with the common goal of creating tools and infrastructure to speed and ease
development of both web and non-web applications using the Velocity template
engine.
License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\velocity\velocity-tools\2.0\velocity-tools-2.0.jar
MD5: 51ed2c6c0103cf3fdbeb9aa5170f5288
SHA1: 69936384de86857018b023a8c56ae0635c56b6a0
SHA256: b174eb36bc48c25dce10571c7d3d5dca4e4c1b3e2e31a92b9ed68fe9dea688d9
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name velocity-tools High Vendor jar package name velocity Highest Vendor Manifest Implementation-Vendor-Id org.apache Medium Vendor Manifest Implementation-Vendor Apache Software Foundation High Vendor pom url http://velocity.apache.org/tools/devel/ Highest Vendor Manifest specification-vendor Apache Software Foundation Low Vendor pom name VelocityTools High Vendor pom organization name Apache Software Foundation High Vendor Manifest extension-name velocity-tools Medium Vendor jar package name apache Highest Vendor pom organization url http://velocity.apache.org/ Medium Vendor jar package name tools Highest Vendor pom groupid apache.velocity Highest Vendor pom artifactid velocity-tools Low Vendor pom groupid org.apache.velocity Highest Product file name velocity-tools High Product jar package name velocity Highest Product pom artifactid velocity-tools Highest Product pom name VelocityTools High Product pom organization url http://velocity.apache.org/ Low Product pom url http://velocity.apache.org/tools/devel/ Medium Product Manifest specification-title VelocityTools is a set of utilities for use with the Velocity template engine and Struts web framework Medium Product Manifest extension-name velocity-tools Medium Product jar package name struts Highest Product jar package name apache Highest Product Manifest Implementation-Title org.apache.velocity High Product pom organization name Apache Software Foundation Low Product jar package name tools Highest Product pom groupid apache.velocity Highest Version pom version 2.0 Highest Version Manifest Implementation-Version 2.0 High Version file version 2.0 High
versions-maven-plugin-2.8.1.jarDescription:
Versions Plugin for Maven. The Versions Plugin updates the versions of components in the POM.
License:
Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\versions-maven-plugin\2.8.1\versions-maven-plugin-2.8.1.jar
MD5: 0b6bbb622f49f8e51511aca2b46f3181
SHA1: f8017afb2758c8e4aec098783255694403d1385a
SHA256: 3242838f4b9b0d36b849a6e99760915db05195f75af02f5d3116e0e0d9f73f4f
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name versions Highest Vendor pom name Versions Maven Plugin High Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor pom url http://www.mojohaus.org/versions-maven-plugin/ Highest Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor file name versions-maven-plugin High Vendor pom groupid codehaus.mojo Highest Vendor pom parent-artifactid mojo-parent Low Vendor Manifest build-jdk-spec 1.8 Low Vendor pom artifactid versions-maven-plugin Low Product file name versions-maven-plugin High Product pom groupid codehaus.mojo Highest Product pom artifactid versions-maven-plugin Highest Product jar package name versions Highest Product Manifest build-jdk-spec 1.8 Low Product pom name Versions Maven Plugin High Product pom parent-artifactid mojo-parent Medium Product jar package name mojo Highest Product jar package name codehaus Highest Product pom parent-groupid org.codehaus.mojo Medium Product pom url http://www.mojohaus.org/versions-maven-plugin/ Medium Version pom version 2.8.1 Highest Version file version 2.8.1 High Version pom parent-version 2.8.1 Low
wagon-file-3.4.0.jarDescription:
Wagon provider that gets and puts artifacts using file system protocol
File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\wagon\wagon-file\3.4.0\wagon-file-3.4.0.jarMD5: 9d5976aa0080153c012769f29e877b90SHA1: d31d744a0065072e5a84b0ad4170946b951a27e4SHA256: f6383d07de70265476021e3defd95a6d7cfcb2cf1f7a4d18335a829924093074Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid apache.maven.wagon Highest Vendor pom name Apache Maven Wagon :: Providers :: File Provider High Vendor jar package name providers Highest Vendor pom groupid org.apache.maven.wagon Highest Vendor pom parent-groupid org.apache.maven.wagon Medium Vendor file name wagon-file High Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor pom artifactid wagon-file Low Vendor Manifest build-jdk-spec 1.8 Low Vendor jar package name maven Highest Vendor jar package name wagon Highest Vendor pom parent-artifactid wagon-providers Low Product pom groupid apache.maven.wagon Highest Product pom name Apache Maven Wagon :: Providers :: File Provider High Product jar package name providers Highest Product Manifest specification-title Apache Maven Wagon :: Providers :: File Provider Medium Product Manifest Implementation-Title Apache Maven Wagon :: Providers :: File Provider High Product pom parent-groupid org.apache.maven.wagon Medium Product file name wagon-file High Product jar package name apache Highest Product pom artifactid wagon-file Highest Product jar package name maven Highest Product Manifest build-jdk-spec 1.8 Low Product jar package name wagon Highest Product pom parent-artifactid wagon-providers Medium Version file version 3.4.0 High Version Manifest Implementation-Version 3.4.0 High Version pom version 3.4.0 Highest
wagon-maven-plugin-2.0.0.jarDescription:
Maven plugin that can be used to access various operations on a given URL using a supported maven wagon. Supports
recursive upload, download, and list directory content functionality.
License:
Apache License 2: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\mojo\wagon-maven-plugin\2.0.0\wagon-maven-plugin-2.0.0.jar
MD5: ad3990382f934dadaecb1d06263461e7
SHA1: b01d881c516751367647ea858c148d7eafc48f9d
SHA256: 3b5345fc48da7db321158d3d00a9a516e64cb35a5cd9b3e8917d3af6d891981b
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid wagon-maven-plugin Low Vendor jar package name mojo Low Vendor file name wagon-maven-plugin High Vendor pom url http://www.mojohaus.org/wagon-maven-plugin/ Highest Vendor jar package name mojo Highest Vendor jar package name codehaus Highest Vendor pom name Wagon Maven Plugin High Vendor pom parent-groupid org.codehaus.mojo Medium Vendor pom groupid org.codehaus.mojo Highest Vendor jar package name wagon Low Vendor pom groupid codehaus.mojo Highest Vendor pom parent-artifactid mojo-parent Low Vendor jar package name wagon Highest Vendor jar package name codehaus Low Product pom url http://www.mojohaus.org/wagon-maven-plugin/ Medium Product jar package name mojo Low Product file name wagon-maven-plugin High Product pom parent-artifactid mojo-parent Medium Product pom artifactid wagon-maven-plugin Highest Product jar package name mojo Highest Product jar package name codehaus Highest Product pom name Wagon Maven Plugin High Product pom parent-groupid org.codehaus.mojo Medium Product jar package name wagon Low Product pom groupid codehaus.mojo Highest Product jar package name wagon Highest Version file version 2.0.0 High Version pom parent-version 2.0.0 Low Version pom version 2.0.0 Highest
wagon-provider-api-2.4.jarDescription:
Maven Wagon API that defines the contract between different Wagon implementations File Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\wagon\wagon-provider-api\2.4\wagon-provider-api-2.4.jarMD5: 882add48c16ceb068eacb5a19e636c1eSHA1: e40429d9dd849c5fe0bdf97062b1d9358d99826dSHA256: f65d8d59d71bca18ffa259b5a6de67697bc65b9ff1142c7bb4417ab4b1cacd92Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor file name wagon-provider-api High Vendor pom groupid apache.maven.wagon Highest Vendor pom artifactid wagon-provider-api Low Vendor pom parent-artifactid wagon Low Vendor pom groupid org.apache.maven.wagon Highest Vendor pom parent-groupid org.apache.maven.wagon Medium Vendor jar package name apache Highest Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.wagon Medium Vendor jar package name wagon Highest Vendor pom name Apache Maven Wagon :: API High Product jar package name apache Highest Product file name wagon-provider-api High Product pom groupid apache.maven.wagon Highest Product jar package name maven Highest Product jar package name wagon Highest Product Manifest specification-title Apache Maven Wagon :: API Medium Product pom parent-artifactid wagon Medium Product Manifest Implementation-Title Apache Maven Wagon :: API High Product pom parent-groupid org.apache.maven.wagon Medium Product pom artifactid wagon-provider-api Highest Product pom name Apache Maven Wagon :: API High Version Manifest Implementation-Version 2.4 High Version pom version 2.4 Highest Version file version 2.4 High
wagon-ssh-3.0.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\wagon\wagon-ssh\3.0.0\wagon-ssh-3.0.0.jarMD5: 4628a92b0826213d7f8bd86a4b716b9eSHA1: 15339af55767a2e5c508eff2747db19adb7f3969SHA256: a5d56b117b0752f854962f0b2aaa8a5b24ae43d6124826e9afdc595346fbd6dbReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom groupid apache.maven.wagon Highest Vendor jar package name providers Highest Vendor pom groupid org.apache.maven.wagon Highest Vendor pom parent-groupid org.apache.maven.wagon Medium Vendor jar package name apache Highest Vendor file name wagon-ssh High Vendor Manifest specification-vendor The Apache Software Foundation Low Vendor pom artifactid wagon-ssh Low Vendor Manifest Implementation-Vendor The Apache Software Foundation High Vendor jar package name maven Highest Vendor Manifest Implementation-Vendor-Id org.apache.maven.wagon Medium Vendor jar package name wagon Highest Vendor pom name Apache Maven Wagon :: Providers :: SSH Provider High Vendor pom parent-artifactid wagon-providers Low Product pom groupid apache.maven.wagon Highest Product jar package name providers Highest Product Manifest Implementation-Title Apache Maven Wagon :: Providers :: SSH Provider High Product pom parent-groupid org.apache.maven.wagon Medium Product jar package name apache Highest Product file name wagon-ssh High Product jar package name maven Highest Product Manifest specification-title Apache Maven Wagon :: Providers :: SSH Provider Medium Product jar package name wagon Highest Product pom name Apache Maven Wagon :: Providers :: SSH Provider High Product pom parent-artifactid wagon-providers Medium Product pom artifactid wagon-ssh Highest Version pom version 3.0.0 Highest Version file version 3.0.0 High Version Manifest Implementation-Version 3.0.0 High
Related Dependencies wagon-ssh-common-3.0.0.jarFile Path: C:\Users\Jeremy\.m2\repository\org\apache\maven\wagon\wagon-ssh-common\3.0.0\wagon-ssh-common-3.0.0.jar MD5: 72ce27427abf669a03ff769f00e0af0d SHA1: 0c889c3def9481fff9ce93cc2037e52982a0c3b8 SHA256: 859275889faa1a44cf744536e30aba32d16479a6e09ce05227b720011a251ac1 pkg:maven/org.apache.maven.wagon/wagon-ssh-common@3.0.0 woodstox-core-5.0.3.jarDescription:
Woodstox is a high-performance XML processor that
implements Stax (JSR-173), SAX2 and Stax2 APIs
License:
The Apache License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\com\fasterxml\woodstox\woodstox-core\5.0.3\woodstox-core-5.0.3.jar
MD5: 8b151bd3d262d9c07e0384b7cc6c4cd9
SHA1: 10aa199207fda142eff01cd61c69244877d71770
SHA256: a1c04b64fbfe20ae9f2c60a3bf1633fed6688ae31935b6bd4a457a1bbb2e82d4
Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor pom organization url http://fasterxml.com Medium Vendor Manifest implementation-build-date 2016-08-24 03:58:19+0000 Low Vendor jar package name stax Highest Vendor pom parent-groupid com.fasterxml Medium Vendor pom artifactid woodstox-core Low Vendor pom name Woodstox High Vendor Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Vendor pom groupid com.fasterxml.woodstox Highest Vendor file name woodstox-core High Vendor Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Vendor pom organization name FasterXML High Vendor pom parent-artifactid oss-parent Low Vendor Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Vendor Manifest specification-vendor FasterXML Low Vendor Manifest Implementation-Vendor-Id com.fasterxml.woodstox Medium Vendor pom url FasterXML/woodstox Highest Vendor pom groupid fasterxml.woodstox Highest Vendor Manifest Implementation-Vendor FasterXML High Product Manifest implementation-build-date 2016-08-24 03:58:19+0000 Low Product pom organization name FasterXML Low Product pom artifactid woodstox-core Highest Product jar package name stax Highest Product pom parent-artifactid oss-parent Medium Product pom parent-groupid com.fasterxml Medium Product pom name Woodstox High Product Manifest bundle-symbolicname com.fasterxml.woodstox.woodstox-core Medium Product jar package name osgi Highest Product file name woodstox-core High Product Manifest require-capability osgi.ee;filter:="(&(osgi.ee=JavaSE)(version=1.6))" Low Product pom url FasterXML/woodstox High Product Manifest Bundle-Name Woodstox Medium Product pom organization url http://fasterxml.com Low Product Manifest bundle-docurl https://github.com/FasterXML/woodstox Low Product Manifest Implementation-Title Woodstox High Product Manifest specification-title Woodstox Medium Product pom groupid fasterxml.woodstox Highest Version Manifest Bundle-Version 5.0.3 High Version Manifest Implementation-Version 5.0.3 High Version pom parent-version 5.0.3 Low Version pom version 5.0.3 Highest Version file version 5.0.3 High
woodstox-core-asl-4.4.1.jarDescription:
Woodstox is a high-performance XML processor that
implements Stax (JSR-173) and SAX2 APIs License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\woodstox\woodstox-core-asl\4.4.1\woodstox-core-asl-4.4.1.jar
MD5: 1f53f91f117288fb2ef2e120f27e5498
SHA1: 84fee5eb1a4a1cefe65b6883c73b3fa83be3c1a1
SHA256: 274fa403ed08c0d6f2f574dc1916adaaaec9a493e56d6442f8797ede620bca65
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name stax Highest Vendor pom name Woodstox High Vendor pom url http://woodstox.codehaus.org Highest Vendor pom groupid org.codehaus.woodstox Highest Vendor Manifest Implementation-Vendor http://woodstox.codehaus.org High Vendor pom organization name Codehaus High Vendor pom organization url http://www.codehaus.org/ Medium Vendor file name woodstox-core-asl High Vendor Manifest specification-vendor http://jcp.org/en/jsr/detail?id=173 Low Vendor pom artifactid woodstox-core-asl Low Vendor Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Vendor Manifest bundle-symbolicname woodstox-core-asl Medium Vendor pom groupid codehaus.woodstox Highest Product pom organization name Codehaus Low Product pom organization url http://www.codehaus.org/ Low Product pom url http://woodstox.codehaus.org Medium Product Manifest Bundle-Name Woodstox XML-processor Medium Product Manifest Implementation-Title Woodstox XML-processor High Product jar package name stax Highest Product pom name Woodstox High Product pom artifactid woodstox-core-asl Highest Product file name woodstox-core-asl High Product Manifest specification-title Stax 1.0 API Medium Product jar package name api Highest Product Manifest bundle-requiredexecutionenvironment J2SE-1.4 Low Product Manifest bundle-symbolicname woodstox-core-asl Medium Product pom groupid codehaus.woodstox Highest Version Manifest Implementation-Version 4.4.1 High Version Manifest Bundle-Version 4.4.1 High Version pom version 4.4.1 Highest Version file version 4.4.1 High
wstx-asl-3.2.6.jarDescription:
Woodstox is a high-performance XML processor that implements Stax (JSR-173) API License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\codehaus\woodstox\wstx-asl\3.2.6\wstx-asl-3.2.6.jar
MD5: f3794a87dfe108a4cb4e1599f4937842
SHA1: 4a9245455960a63d8a92f58810db80ac5368f91c
SHA256: 03cbe8dcaa909a6f72219abec105675c6df08898971c326cf7e64373bff5e769
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom artifactid wstx-asl Low Vendor jar package name stax Highest Vendor jar package name wstx Highest Vendor pom name Woodstox High Vendor pom url http://woodstox.codehaus.org Highest Vendor jar package name codehaus Highest Vendor pom groupid org.codehaus.woodstox Highest Vendor pom organization name Codehaus High Vendor Manifest Implementation-Vendor woodstox.codehaus.org High Vendor pom organization url http://www.codehaus.org/ Medium Vendor Manifest specification-vendor http://jcp.org/en/jsr/detail?id=173 Low Vendor jar package name api Highest Vendor file name wstx-asl High Vendor pom groupid codehaus.woodstox Highest Product pom organization name Codehaus Low Product pom organization url http://www.codehaus.org/ Low Product pom url http://woodstox.codehaus.org Medium Product jar package name stax Highest Product Manifest Implementation-Title WoodSToX XML-processor High Product jar package name wstx Highest Product pom name Woodstox High Product jar package name codehaus Highest Product Manifest specification-title StAX 1.0 API Medium Product jar package name api Highest Product pom artifactid wstx-asl Highest Product file name wstx-asl High Product pom groupid codehaus.woodstox Highest Version Manifest Implementation-Version 3.2.6 High Version file version 3.2.6 High Version pom version 3.2.6 Highest
xalan-2.7.0.jarFile Path: C:\Users\Jeremy\.m2\repository\xalan\xalan\2.7.0\xalan-2.7.0.jarMD5: a018d032c21a873225e702b36b171a10SHA1: a33c0097f1c70b20fa7ded220ea317eb3500515eSHA256: bf1f065efd6e3d5cb964db4130815752015873338999d23dcafc2dbc89fc7d9bReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name apache Highest Vendor manifest: java_cup/runtime/ Implementation-Vendor Princeton University Medium Vendor file name xalan High Vendor manifest: org/apache/xpath/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xml/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xalan/ Implementation-Vendor Apache Software Foundation Medium Vendor manifest: org/apache/xalan/xsltc/ Implementation-Vendor Apache Software Foundation Medium Vendor jar package name xalan Highest Vendor pom groupid xalan Highest Vendor pom artifactid xalan Low Product manifest: org/apache/xml/ Implementation-Title org.apache.xml Medium Product manifest: java_cup/runtime/ Specification-Title Runtime component of JCup Medium Product jar package name xalan Highest Product pom artifactid xalan Highest Product manifest: org/apache/xalan/ Implementation-Title org.apache.xalan Medium Product manifest: org/apache/xalan/ Specification-Title Java API for XML Processing Medium Product jar package name xml Highest Product manifest: org/apache/xalan/xsltc/ Specification-Title Java API for XML Processing Medium Product jar package name apache Highest Product jar package name runtime Highest Product manifest: org/apache/xpath/ Implementation-Title org.apache.xpath Medium Product manifest: java_cup/runtime/ Implementation-Title runtime Medium Product file name xalan High Product jar package name xpath Highest Product manifest: org/apache/xalan/xsltc/ Implementation-Title org.apache.xalan.xsltc Medium Product jar package name xsltc Highest Product pom groupid xalan Highest Version manifest: org/apache/xpath/ Implementation-Version 2.7.0 Medium Version manifest: org/apache/xalan/xsltc/ Implementation-Version 2.7.0 Medium Version manifest: org/apache/xml/ Implementation-Version 2.7.0 Medium Version file version 2.7.0 High Version pom version 2.7.0 Highest Version manifest: org/apache/xalan/ Implementation-Version 2.7.0 Medium Version manifest: java_cup/runtime/ Implementation-Version 2.7.0 Medium
Published Vulnerabilities CVE-2014-0107 suppress
The TransformerFactory in Apache Xalan-Java before 2.7.2 does not properly restrict access to certain properties when FEATURE_SECURE_PROCESSING is enabled, which allows remote attackers to bypass expected restrictions and load arbitrary classes or access external resources via a crafted (1) xalan:content-header, (2) xalan:entities, (3) xslt:content-header, or (4) xslt:entities property, or a Java property that is bound to the XSLT 1.0 system-property function. CWE-264 Permissions, Privileges, and Access Controls
CVSSv2:
Base Score: HIGH (7.5) Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P References:
Vulnerable Software & Versions: (show all )
xbean-reflect-3.7.jarDescription:
xbean-reflect provides very flexible ways to creat objects and graphs of objects for DI frameworks License:
http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\org\apache\xbean\xbean-reflect\3.7\xbean-reflect-3.7.jar
MD5: b77f0c9914e56547409e65137acba9eb
SHA1: 6072a967ec936b3bb25b421d8eca07dd750219fd
SHA256: 104e5e9bb5a669f86722f32281960700f7ec8e3209ef51b23eb9b6d23d1629cb
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.apache.xbean.reflect Medium Vendor jar package name apache Highest Vendor file name xbean-reflect High Vendor Manifest bundle-docurl http://geronimo.apache.org/maven/xbean/3.7/xbean-reflect Low Vendor pom groupid apache.xbean Highest Vendor pom artifactid xbean-reflect Low Vendor pom groupid org.apache.xbean Highest Vendor pom parent-groupid org.apache.xbean Medium Vendor pom parent-artifactid xbean Low Vendor jar package name xbean Highest Vendor pom name Apache XBean :: Reflect High Product Manifest bundle-docurl http://geronimo.apache.org/maven/xbean/3.7/xbean-reflect Low Product Manifest Implementation-Title Apache XBean :: Reflect High Product Manifest Bundle-Name Apache XBean :: Reflect Medium Product Manifest bundle-symbolicname org.apache.xbean.reflect Medium Product jar package name apache Highest Product file name xbean-reflect High Product pom parent-artifactid xbean Medium Product pom groupid apache.xbean Highest Product pom parent-groupid org.apache.xbean Medium Product pom artifactid xbean-reflect Highest Product jar package name xbean Highest Product pom name Apache XBean :: Reflect High Version Manifest Implementation-Version 3.7 High Version pom version 3.7 Highest Version Manifest Bundle-Version 3.7 High Version file version 3.7 High
xml-apis-1.0.b2.jarDescription:
xml-commons provides an Apache-hosted set of DOM, SAX, and
JAXP interfaces for use in other xml-based projects. Our hope is that we
can standardize on both a common version and packaging scheme for these
critical XML standards interfaces to make the lives of both our developers
and users easier. The External Components portion of xml-commons contains
interfaces that are defined by external standards organizations. For DOM,
that's the W3C; for SAX it's David Megginson and sax.sourceforge.net; for
JAXP it's Sun. License:
The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt File Path: C:\Users\Jeremy\.m2\repository\xml-apis\xml-apis\1.0.b2\xml-apis-1.0.b2.jar
MD5: 458715c0f7646a56b1c6ad3138098beb
SHA1: 3136ca936f64c9d68529f048c2618bd356bf85c9
SHA256: 8232f3482c346d843e5e3fb361055771c1acc105b6d8a189eb9018c55948cf9f
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name dom Highest Vendor manifest: javax/xml/transform/ Implementation-Vendor Sun Microsystems Inc. Medium Vendor pom organization name Apache Software Foundation High Vendor manifest: org/w3c/dom/ Implementation-Vendor World Wide Web Consortium Medium Vendor manifest: org/apache/xmlcommons/Version Implementation-Vendor Apache Software Foundation Medium Vendor jar package name xml Highest Vendor jar package name sax Highest Vendor jar package name w3c Highest Vendor jar package name apache Highest Vendor pom artifactid xml-apis Low Vendor pom organization url http://www.apache.org/ Medium Vendor file name xml-apis High Vendor jar package name version Highest Vendor manifest: org/xml/sax/ Implementation-Vendor David Megginson Medium Vendor pom name XML Commons External Components XML APIs High Vendor pom url http://xml.apache.org/commons/#external Highest Vendor manifest: javax/xml/parsers/ Implementation-Vendor Sun Microsystems Inc. Medium Vendor pom groupid xml-apis Highest Product manifest: org/w3c/dom/ Specification-Title Document Object Model, Level 2 Core Medium Product jar package name transform Highest Product manifest: org/xml/sax/ Specification-Title Simple API for XML Medium Product manifest: org/xml/sax/ Implementation-Title org.xml.sax Medium Product manifest: javax/xml/transform/ Specification-Title Java API for XML Processing Medium Product jar package name xml Highest Product manifest: javax/xml/transform/ Implementation-Title javax.xml.transform Medium Product file name xml-apis High Product pom url http://xml.apache.org/commons/#external Medium Product pom name XML Commons External Components XML APIs High Product manifest: javax/xml/parsers/ Implementation-Title javax.xml.transform Medium Product jar package name xmlcommons Highest Product jar package name dom Highest Product manifest: org/apache/xmlcommons/Version Implementation-Title org.apache.xmlcommons.Version Medium Product manifest: javax/xml/parsers/ Specification-Title Java API for XML Processing Medium Product pom artifactid xml-apis Highest Product jar package name w3c Highest Product jar package name sax Highest Product jar package name javax Highest Product manifest: org/w3c/dom/ Implementation-Title org.w3c.dom Medium Product jar package name apache Highest Product jar package name version Highest Product pom organization name Apache Software Foundation Low Product jar package name document Highest Product pom groupid xml-apis Highest Product pom organization url http://www.apache.org/ Low Version manifest: org/apache/xmlcommons/Version Implementation-Version 1.0.b2 Medium Version file version 1.0.b2 High Version pom version 1.0.b2 Highest
xml-formatter-0.2.0.jarDescription:
XML Formatter for use with formatter-maven-plugin License:
Eclipse Public License, Version 2.0: http://www.eclipse.org/legal/epl-2.0 File Path: C:\Users\Jeremy\.m2\repository\net\revelc\code\formatter\xml-formatter\0.2.0\xml-formatter-0.2.0.jar
MD5: 7a57562ef99676a696bddc1956d3a0b9
SHA1: ba9ddab7148e8aa72b2e78b8a5ee6e0e951b8f54
SHA256: b83f5fc463e6940356ea12a28727b81807012fd68b039dac93978690122566a3
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name net Highest Vendor file name xml-formatter High Vendor pom artifactid xml-formatter Low Vendor pom name xml-formatter High Vendor pom url revelc/xml-formatter/ Highest Vendor pom groupid net.revelc.code.formatter Highest Vendor jar package name formatter Highest Vendor jar package name revelc Highest Vendor jar package name code Highest Vendor Manifest build-jdk-spec 11 Low Product jar package name net Highest Product file name xml-formatter High Product pom name xml-formatter High Product pom artifactid xml-formatter Highest Product pom groupid net.revelc.code.formatter Highest Product jar package name formatter Highest Product pom url revelc/xml-formatter/ High Product jar package name revelc Highest Product jar package name code Highest Product Manifest build-jdk-spec 11 Low Version file version 0.2.0 High Version pom version 0.2.0 Highest
xz-1.8.jarDescription:
XZ data compression License:
Public Domain File Path: C:\Users\Jeremy\.m2\repository\org\tukaani\xz\1.8\xz-1.8.jar
MD5: 5f982127e0de85b785c4b2abad21aa2e
SHA1: c4f7d054303948eb6a4066194253886c8af07128
SHA256: 8c7964b36fe3f0cbe644b04fcbff84e491ce81917db2f5bfa0cba8e9548aff5d
Referenced In Project/Scope: dependency-plugin-tracker:runtime
Evidence Type Source Name Value Confidence Vendor Manifest bundle-symbolicname org.tukaani.xz Medium Vendor jar package name tukaani Highest Vendor jar package name xz Highest Vendor pom url https://tukaani.org/xz/java.html Highest Vendor Manifest automatic-module-name org.tukaani.xz Medium Vendor Manifest bundle-docurl https://tukaani.org/xz/java.html Low Vendor pom groupid tukaani Highest Vendor pom artifactid xz Low Vendor pom groupid org.tukaani Highest Vendor file name xz High Vendor pom name XZ for Java High Vendor Manifest implementation-url https://tukaani.org/xz/java.html Low Product Manifest Bundle-Name XZ data compression Medium Product Manifest Implementation-Title XZ data compression High Product Manifest bundle-symbolicname org.tukaani.xz Medium Product jar package name tukaani Highest Product jar package name xz Highest Product Manifest automatic-module-name org.tukaani.xz Medium Product Manifest bundle-docurl https://tukaani.org/xz/java.html Low Product pom groupid tukaani Highest Product pom artifactid xz Highest Product file name xz High Product pom url https://tukaani.org/xz/java.html Medium Product pom name XZ for Java High Product Manifest implementation-url https://tukaani.org/xz/java.html Low Version file version 1.8 High Version pom version 1.8 Highest Version Manifest Bundle-Version 1.8 High Version Manifest Implementation-Version 1.8 High
yuicompressor-2.4.6.jarDescription:
The YUI Compressor is a JavaScript compressor which, in addition to removing
comments and white-spaces, obfuscates local variables using the smallest
possible variable name. This obfuscation is safe, even when using constructs
such as 'eval' or 'with' (although the compression is not optimal is those
cases) Compared to jsmin, the average savings is around 20%.
License:
BSD License: http://developer.yahoo.com/yui/license.html File Path: C:\Users\Jeremy\.m2\repository\com\yahoo\platform\yui\yuicompressor\2.4.6\yuicompressor-2.4.6.jar
MD5: 51c238fd93baa4d2ce86c4acd4652932
SHA1: 5b8477e867040ba58b6c8a7ac6deb6da22109237
SHA256: d6668fdbd0e0d8e000b24c50cbdd56f2c246b67d7d7179a567ade90450019133
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor pom url http://developer.yahoo.com/yui/compressor/ Highest Vendor jar package name javascript Highest Vendor pom name yui compressor High Vendor pom groupid com.yahoo.platform.yui Highest Vendor jar package name yahoo Highest Vendor pom artifactid yuicompressor Low Vendor file name yuicompressor High Vendor pom groupid yahoo.platform.yui Highest Vendor jar package name platform Highest Vendor jar package name yui Highest Vendor jar package name compressor Highest Product jar package name javascript Highest Product pom name yui compressor High Product jar package name yahoo Highest Product pom url http://developer.yahoo.com/yui/compressor/ Medium Product file name yuicompressor High Product pom artifactid yuicompressor Highest Product pom groupid yahoo.platform.yui Highest Product jar package name platform Highest Product jar package name yui Highest Product jar package name compressor Highest Version file version 2.4.6 High Version pom version 2.4.6 Highest
yuicompressor-maven-plugin-1.5.1.jarDescription:
To compress (Minify + Ofuscate) Javascript files and CSS
files (using YUI Compressor from Julien Lecomte) and/or to check
Javascript files with jslint.
License:
Public domain (Unlicense): http://unlicense.org/ File Path: C:\Users\Jeremy\.m2\repository\net\alchim31\maven\yuicompressor-maven-plugin\1.5.1\yuicompressor-maven-plugin-1.5.1.jar
MD5: b459214fa6dd07a4fd3dd5c8e9d120af
SHA1: eab7e1be0d0591db4158faf729a910be87a9a39b
SHA256: 6576d9b2d8864bb411e0e37e432912bd33ef94b3311dfb76126fc5f2400d9021
Referenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence Vendor jar package name net_alchim31_maven_yuicompressor Low Vendor pom groupid net.alchim31.maven Highest Vendor file name yuicompressor-maven-plugin High Vendor pom url http://github.com/davidB/${project.artifactId} Highest Vendor pom artifactid yuicompressor-maven-plugin Low Vendor pom name YUI Compressor Maven Mojo High Product pom groupid net.alchim31.maven Highest Product pom artifactid yuicompressor-maven-plugin Highest Product file name yuicompressor-maven-plugin High Product pom name YUI Compressor Maven Mojo High Product pom url http://github.com/davidB/${project.artifactId} Medium Version file version 1.5.1 High Version pom version 1.5.1 Highest
yuicompressor-maven-plugin-1.5.1.jar: jslint.jsFile Path: C:\Users\Jeremy\.m2\repository\net\alchim31\maven\yuicompressor-maven-plugin\1.5.1\yuicompressor-maven-plugin-1.5.1.jar\jslint.jsMD5: 9d0002ffb3156ff8080dc0fb63fb3f96SHA1: 8034fd5fc4da239389a76dad15161a66cf44875fSHA256: 2200e621d7c6ec1bd9367c6909f6075bd36a8f3b85c06aa78d508eb1abe4d0ccReferenced In Project/Scope: dependency-plugin-tracker:compile
Evidence Type Source Name Value Confidence