Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

Project: blueMarine II :: UI :: JavaFX

it.tidalwave.bluemarine2:it-tidalwave-bluemarine2-ui-javafx:1.1-ALPHA-1

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
activation-1.1.1.jarpkg:maven/javax.activation/activation@1.1.1 025
aspectjrt-1.9.6.jarpkg:maven/org.aspectj/aspectjrt@1.9.6 023
commons-codec-1.10.jarpkg:maven/commons-codec/commons-codec@1.10 040
commons-io-2.4.jarpkg:maven/commons-io/commons-io@2.4 036
commons-lang-2.6.jarpkg:maven/commons-lang/commons-lang@2.6 035
commons-lang3-3.5.jarpkg:maven/org.apache.commons/commons-lang3@3.5 041
fluent-hc-4.5.2.jarcpe:2.3:a:apache:httpclient:4.5.2:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/fluent-hc@4.5.2MEDIUM1Low34
guava-18.0.jarcpe:2.3:a:google:guava:18.0:*:*:*:*:*:*:*pkg:maven/com.google.guava/guava@18.0MEDIUM2Highest22
httpclient-4.4.jarcpe:2.3:a:apache:httpclient:4.4:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpclient@4.4MEDIUM1Highest34
httpclient-osgi-4.5.2.jarcpe:2.3:a:apache:httpclient:4.5.2:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpclient-osgi@4.5.2
pkg:maven/org.apache.httpcomponents/httpclient@4.5.2
MEDIUM1Highest46
httpclient-osgi-4.5.2.jar (shaded: commons-codec:commons-codec:1.9)pkg:maven/commons-codec/commons-codec@1.9 014
httpclient-osgi-4.5.2.jar (shaded: org.apache.httpcomponents:httpclient-cache:4.5.2)cpe:2.3:a:apache:httpclient:4.5.2:*:*:*:*:*:*:*pkg:maven/org.apache.httpcomponents/httpclient-cache@4.5.2MEDIUM1Highest13
httpcore-4.4.jarpkg:maven/org.apache.httpcomponents/httpcore@4.4 030
httpcore-nio-4.4.4.jarpkg:maven/org.apache.httpcomponents/httpcore-nio@4.4.4 032
httpcore-osgi-4.4.4.jarpkg:maven/org.apache.httpcomponents/httpcore-osgi@4.4.4
pkg:maven/org.apache.httpcomponents/httpcore@4.4.4
 040
httpmime-4.5.2.jarpkg:maven/org.apache.httpcomponents/httpmime@4.5.2 032
it-tidalwave-bluemarine2-catalog-1.1-ALPHA-1.jarpkg:maven/it.tidalwave.bluemarine2/it-tidalwave-bluemarine2-catalog@1.1-ALPHA-1 023
it-tidalwave-bluemarine2-commons-1.1-ALPHA-1.jarpkg:maven/it.tidalwave.bluemarine2/it-tidalwave-bluemarine2-commons@1.1-ALPHA-1 023
it-tidalwave-bluemarine2-downloader-1.1-ALPHA-1.jarpkg:maven/it.tidalwave.bluemarine2/it-tidalwave-bluemarine2-downloader@1.1-ALPHA-1 025
it-tidalwave-bluemarine2-model-1.1-ALPHA-1.jarpkg:maven/it.tidalwave.bluemarine2/it-tidalwave-bluemarine2-model@1.1-ALPHA-1 025
it-tidalwave-bluemarine2-persistence-1.1-ALPHA-1.jarpkg:maven/it.tidalwave.bluemarine2/it-tidalwave-bluemarine2-persistence@1.1-ALPHA-1 025
it-tidalwave-bluemarine2-ui-1.1-ALPHA-1.jarpkg:maven/it.tidalwave.bluemarine2/it-tidalwave-bluemarine2-ui@1.1-ALPHA-1 025
it-tidalwave-bluemarine2-vocabulary-1.1-ALPHA-1.jarpkg:maven/it.tidalwave.bluemarine2/it-tidalwave-bluemarine2-vocabulary@1.1-ALPHA-1 023
it-tidalwave-messagebus-3.2-ALPHA-11.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-messagebus@3.2-ALPHA-11 023
it-tidalwave-messagebus-spring-3.2-ALPHA-11.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-messagebus-spring@3.2-ALPHA-11 023
it-tidalwave-role-3.2-ALPHA-11.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-role@3.2-ALPHA-11 023
it-tidalwave-role-spring-3.2-ALPHA-11.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-role-spring@3.2-ALPHA-11 025
it-tidalwave-role-ui-javafx-1.1-ALPHA-2.jarpkg:maven/it.tidalwave.steelblue/it-tidalwave-role-ui-javafx@1.1-ALPHA-2 027
it-tidalwave-util-3.2-ALPHA-11.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-util@3.2-ALPHA-11 023
jackson-core-2.12.2.jarcpe:2.3:a:fasterxml:jackson-modules-java8:2.12.2:*:*:*:*:*:*:*pkg:maven/com.fasterxml.jackson.core/jackson-core@2.12.2 0Low49
jackson-databind-2.12.2.jarcpe:2.3:a:fasterxml:jackson-databind:2.12.2:*:*:*:*:*:*:*
cpe:2.3:a:fasterxml:jackson-modules-java8:2.12.2:*:*:*:*:*:*:*
pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.12.2 0Highest43
jaudiotagger-2.2.5.jarpkg:maven/net.jthink/jaudiotagger@2.2.5 030
javafx-base-11.0.1-mac.jarpkg:maven/org.openjfx/javafx-base@11.0.1 09
javafx-base-11.0.1.jarpkg:maven/org.openjfx/javafx-base@11.0.1 015
javafx-controls-11.0.1-mac.jarpkg:maven/org.openjfx/javafx-controls@11.0.1 011
javafx-controls-11.0.1.jarpkg:maven/org.openjfx/javafx-controls@11.0.1 015
javafx-fxml-11.0.1-mac.jarpkg:maven/org.openjfx/javafx-fxml@11.0.1 09
javafx-fxml-11.0.1.jarpkg:maven/org.openjfx/javafx-fxml@11.0.1 015
javafx-graphics-11.0.1-mac.jar: javafx-swt.jar 07
javafx-graphics-11.0.1.jarpkg:maven/org.openjfx/javafx-graphics@11.0.1 015
javafx-media-11.0.1-mac.jarcpe:2.3:a:oracle:javafx:11.0.1:*:*:*:*:*:*:*pkg:maven/org.openjfx/javafx-media@11.0.1 0Low10
javafx-media-11.0.1.jarpkg:maven/org.openjfx/javafx-media@11.0.1 015
javax.annotation-api-1.3.2.jarpkg:maven/javax.annotation/javax.annotation-api@1.3.2 039
javax.inject-1.jarpkg:maven/javax.inject/javax.inject@1 019
jaxb-api-2.2.11.jarpkg:maven/javax.xml.bind/jaxb-api@2.2.11 042
jaxb-core-2.2.11.jarpkg:maven/com.sun.xml.bind/jaxb-core@2.2.11
pkg:maven/org.glassfish.jaxb/jaxb-core@2.2.11
 044
jaxb-core-2.2.11.jar (shaded: com.sun.istack:istack-commons-runtime:2.21)pkg:maven/com.sun.istack/istack-commons-runtime@2.21 011
jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:txw2:2.2.11)pkg:maven/org.glassfish.jaxb/txw2@2.2.11 011
jaxb-impl-2.2.11.jarpkg:maven/com.sun.xml.bind/jaxb-impl@2.2.11 040
jaxb-impl-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.2.11)pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.2.11 011
jcl-over-slf4j-1.7.30.jarpkg:maven/org.slf4j/jcl-over-slf4j@1.7.30 033
jsonld-java-0.8.3.jarpkg:maven/com.github.jsonld-java/jsonld-java@0.8.3 025
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
jul-to-slf4j-1.7.30.jarpkg:maven/org.slf4j/jul-to-slf4j@1.7.30 028
logback-core-1.2.3.jarcpe:2.3:a:logback:logback:1.2.3:*:*:*:*:*:*:*pkg:maven/ch.qos.logback/logback-core@1.2.3 0Highest32
lombok-1.18.18.jarpkg:maven/org.projectlombok/lombok@1.18.18 024
mapdb-1.0.8.jarpkg:maven/org.mapdb/mapdb@1.0.8 021
opencsv-3.2.jarpkg:maven/com.opencsv/opencsv@3.2 022
rdf4j-spin-2.1.4.jarcpe:2.3:a:eclipse:rdf4j:2.1.4:*:*:*:*:*:*:*pkg:maven/org.eclipse.rdf4j/rdf4j-spin@2.1.4CRITICAL1Highest27
slf4j-api-1.7.30.jarpkg:maven/org.slf4j/slf4j-api@1.7.30 029
spatial4j-0.4.1.jarpkg:maven/com.spatial4j/spatial4j@0.4.1 029
spotbugs-annotations-3.1.9.jarpkg:maven/com.github.spotbugs/spotbugs-annotations@3.1.9 021
spring-core-5.3.1.jarcpe:2.3:a:pivotal_software:spring_framework:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:springsource_spring_framework:5.3.1:*:*:*:*:*:*:*
pkg:maven/org.springframework/spring-core@5.3.1 0Highest31

Dependencies

activation-1.1.1.jar

Description:

The JavaBeans(TM) Activation Framework is used by the JavaMail(TM) API to manage MIME data

License:

COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/activation/activation/1.1.1/activation-1.1.1.jar
MD5: 46a37512971d8eca81c3fcf245bf07d2
SHA1: 485de3a253e23f645037828c07f1d7f1af40763a
SHA256:ae475120e9fcd99b4b00b38329bd61cdc5eb754eee03fe66c01f50e137724f99
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

aspectjrt-1.9.6.jar

Description:

The runtime needed to execute a program using AspectJ

License:

Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/aspectj/aspectjrt/1.9.6/aspectjrt-1.9.6.jar
MD5: 391f9257f19b84b45eb79a1878b9600a
SHA1: 1651849d48659e5703adc2599e694bf67b8c3fc4
SHA256:20c785678cbb4ee045914daf83da25f98a16071177dfa0e3451326723dfb4705
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

commons-codec-1.10.jar

Description:

     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/commons-codec/commons-codec/1.10/commons-codec-1.10.jar
MD5: 353cf6a2bdba09595ccfa073b78c7fcb
SHA1: 4b95f4897fa13f2cd904aee711aeafc0c5295cd8
SHA256:4241dfa94e711d435f29a4604a3e2de5c4aa3c165e23bd066be6fc1fc4309569
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

commons-io-2.4.jar

Description:

The Commons IO library contains utility classes, stream implementations, file filters, 
file comparators, endian transformation classes, and much more.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/commons-io/commons-io/2.4/commons-io-2.4.jar
MD5: 7f97854dc04c119d461fed14f5d8bb96
SHA1: b1b6ea3b7e4aa4f492509a4952029cd8e48019ad
SHA256:cc6a41dc3eaacc9e440a6bd0d2890b20d36b4ee408fe2d67122f328bb6e01581
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

commons-lang-2.6.jar

Description:

        Commons Lang, a package of Java utility classes for the
        classes that are in java.lang's hierarchy, or are considered to be so
        standard as to justify existence in java.lang.
    

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/commons-lang/commons-lang/2.6/commons-lang-2.6.jar
MD5: 4d5c1693079575b362edf41500630bbd
SHA1: 0ce1edb914c94ebc388f086c6827e8bdeec71ac2
SHA256:50f11b09f877c294d56f24463f47d28f929cf5044f648661c0f0cfbae9a2f49c
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

commons-lang3-3.5.jar

Description:

  Apache Commons Lang, a package of Java utility classes for the
  classes that are in java.lang's hierarchy, or are considered to be so
  standard as to justify existence in java.lang.
  

License:

https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/commons/commons-lang3/3.5/commons-lang3-3.5.jar
MD5: 780b5a8b72eebe6d0dbff1c11b5658fa
SHA1: 6c6c702c89bfff3cd9e80b04d668c5e190d588c6
SHA256:8ac96fc686512d777fca85e144f196cd7cfe0c0aec23127229497d1a38ff651c
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

fluent-hc-4.5.2.jar

Description:

   Apache HttpComponents Client fluent API
  

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/fluent-hc/4.5.2/fluent-hc-4.5.2.jar
MD5: cf1dabb4e28eb4bef54a3dfd268a9e19
SHA1: 7bfdfa49de6d720ad3c8cedb6a5238eec564dfed
SHA256:f63f033bef4041274aab064ca63fc731298d579de7fd87c9cc1ca2c789717bb8
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

CVE-2020-13956  

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
NVD-CWE-noinfo

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

guava-18.0.jar

Description:

    Guava is a suite of core and expanded libraries that include
    utility classes, google's collections, io classes, and much
    much more.

    Guava has only one code dependency - javax.annotation,
    per the JSR-305 spec.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/google/guava/guava/18.0/guava-18.0.jar
MD5: 947641f6bb535b1d942d1bc387c45290
SHA1: cce0823396aa693798f8882e64213b1772032b09
SHA256:d664fbfc03d2e5ce9cab2a44fb01f1d0bf9dfebeccc1a473b1f9ea31f79f6f99
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

CVE-2018-10237  

Unbounded memory allocation in Google Guava 11.0 through 24.x before 24.1.1 allows remote attackers to conduct denial of service attacks against servers that depend on this library and deserialize attacker-provided data, because the AtomicDoubleArray class (when serialized with Java serialization) and the CompoundOrdering class (when serialized with GWT serialization) perform eager allocation without appropriate checks on what a client has sent and whether the data size is reasonable.
CWE-770 Allocation of Resources Without Limits or Throttling

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:N/A:P
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2020-8908  

A temp directory creation vulnerability exists in all versions of Guava, allowing an attacker with access to the machine to potentially access data in a temporary directory created by the Guava API com.google.common.io.Files.createTempDir(). By default, on unix-like systems, the created directory is world-readable (readable by an attacker with access to the system). The method in question has been marked @Deprecated in versions 30.0 and later and should not be used. For Android developers, we recommend choosing a temporary directory API provided by Android, such as context.getCacheDir(). For other Java developers, we recommend migrating to the Java 7 API java.nio.file.Files.createTempDirectory() which explicitly configures permissions of 700, or configuring the Java runtime's java.io.tmpdir system property to point to a location whose permissions are appropriately configured.
CWE-732 Incorrect Permission Assignment for Critical Resource

CVSSv2:
  • Base Score: LOW (2.1)
  • Vector: /AV:L/AC:L/Au:N/C:P/I:N/A:N
CVSSv3:
  • Base Score: LOW (3.3)
  • Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

References:

Vulnerable Software & Versions: (show all)

httpclient-4.4.jar

Description:

   Apache HttpComponents Client
  

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpclient/4.4/httpclient-4.4.jar
MD5: ccf9833ec0cbd38831ceeb8fc246e2dd
SHA1: 6d220441ca681dddc55a189eae81a437309128b8
SHA256:c50eafa5477af2fa8217d3f729b815ff3c669dbc467552c0feeedc61be965523
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

CVE-2020-13956  

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
NVD-CWE-noinfo

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

httpclient-osgi-4.5.2.jar

Description:

   Apache HttpComponents Client
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpclient-osgi/4.5.2/httpclient-osgi-4.5.2.jar
MD5: 59c3fe979bf2cd795786bf28373b43f6
SHA1: 3262c30d156f3ae05a5c95d9aa39f0e3eed17585
SHA256:de3ec9919ab0d3263fb1c993ceb1d1aba29dba33a26f8aaf0c3679cc8348beea
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

CVE-2020-13956  

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
NVD-CWE-noinfo

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

httpclient-osgi-4.5.2.jar (shaded: commons-codec:commons-codec:1.9)

Description:

     The Apache Commons Codec package contains simple encoder and decoders for
     various formats such as Base64 and Hexadecimal.  In addition to these
     widely used encoders and decoders, the codec package also maintains a
     collection of phonetic encoding utilities.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpclient-osgi/4.5.2/httpclient-osgi-4.5.2.jar/META-INF/maven/commons-codec/commons-codec/pom.xml
MD5: 921b8b50ce6dc0c5a8605d7c7011bd37
SHA1: f5357ff0f308600af3660bf00a8be3415a335723
SHA256:e5efcf039cd909688c201dc5479b144fd6f01f0e40252b7fc5e7d2e1b5c07990
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

httpclient-osgi-4.5.2.jar (shaded: org.apache.httpcomponents:httpclient-cache:4.5.2)

Description:

   Apache HttpComponents HttpClient - Cache
  

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpclient-osgi/4.5.2/httpclient-osgi-4.5.2.jar/META-INF/maven/org.apache.httpcomponents/httpclient-cache/pom.xml
MD5: b19b9eca8a6d93f431eb48f0dbd1fb57
SHA1: b51afa5f36dd4f0b2d7e87867a646a34ab690c96
SHA256:8ed51e8da875c225f5417db283e61f0d2817959f8564a99a5c4e90113aef32d2
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

CVE-2020-13956  

Apache HttpClient versions prior to version 4.5.13 and 5.0.3 can misinterpret malformed authority component in request URIs passed to the library as java.net.URI object and pick the wrong target host for request execution.
NVD-CWE-noinfo

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.3)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

References:

Vulnerable Software & Versions: (show all)

httpcore-4.4.jar

Description:

   Apache HttpComponents Core (blocking I/O)
  

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpcore/4.4/httpcore-4.4.jar
MD5: e016cf1346ba3f65302c3d71c5b91f44
SHA1: e9b3863fd9c8a273ceed4a7fae10f40bb10a2328
SHA256:1ef8db5d30b7741ab5fdf6df876a090a7dd51623e83f3736d0bb8fb1b5ead32f
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

httpcore-nio-4.4.4.jar

Description:

   Apache HttpComponents Core (non-blocking I/O)
  

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpcore-nio/4.4.4/httpcore-nio-4.4.4.jar
MD5: 562f930326530c262c04d7b4f6b1d055
SHA1: 16badfc2d99db264c486ba8c57ae577301a58bd9
SHA256:f21be11ed00a7c655204c03d3ff38c2e8ac88db0913da3598ce5f9ffd686ae1f
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

httpcore-osgi-4.4.4.jar

Description:

   Apache HttpComponents Core (blocking I/O)
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpcore-osgi/4.4.4/httpcore-osgi-4.4.4.jar
MD5: a667179ec81d755e6455ffe6cc5276e8
SHA1: d5c14055e569afca96f4603d6f9d467bc72ccba8
SHA256:a0bd904e00cb6788efd5cd8c180cb19569bba43e22a711e9b020ffa51b045a4c
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

httpmime-4.5.2.jar

Description:

   Apache HttpComponents HttpClient - MIME coded entities
  

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/httpcomponents/httpmime/4.5.2/httpmime-4.5.2.jar
MD5: 336fa980f7527be719fa997f5df8046f
SHA1: 22b4c53dd9b6761024258de8f9240c3dce6ea368
SHA256:231a3f7e4962053db2be8461d5422e68fc458a3a7dd7d8ada803a348e21f8f07
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-bluemarine2-catalog-1.1-ALPHA-1.jar

Description:

        The implementation of the media catalog.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/bluemarine2/it-tidalwave-bluemarine2-catalog/1.1-ALPHA-1/it-tidalwave-bluemarine2-catalog-1.1-ALPHA-1.jar
MD5: d491adf243cb25507e81efd7140a0ece
SHA1: 064ff3d421935cfd4f1fd0bd35e2e8801e96d890
SHA256:7ce7fd8c02097f8f38606b7f6cb0165fcfc0eff61fd2f4d5b7374ae3ce274475
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-bluemarine2-commons-1.1-ALPHA-1.jar

Description:

        Utility code that is common to the whole project.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/bluemarine2/it-tidalwave-bluemarine2-commons/1.1-ALPHA-1/it-tidalwave-bluemarine2-commons-1.1-ALPHA-1.jar
MD5: d450852502b7d426979a720126db986d
SHA1: 555bac8561a9f0bdd8da3ab174f13cd1db500ad8
SHA256:cdd10c81760079227e642bf9693cfd01c6c621f574adcd2b7531985fd9322a3a
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-bluemarine2-downloader-1.1-ALPHA-1.jar

Description:

        The component that is capable to download stuff from the internet.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/bluemarine2/it-tidalwave-bluemarine2-downloader/1.1-ALPHA-1/it-tidalwave-bluemarine2-downloader-1.1-ALPHA-1.jar
MD5: f190ee3dd6ed780dca8a37c13981fa6d
SHA1: 1e1074a650f09e4d78b3d20762302eb94d1def85
SHA256:72c85e4b418c700e83dc2115082d5ffe95ad4cc3ff48d4060e90f8ea498ce987
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-bluemarine2-model-1.1-ALPHA-1.jar

Description:

        The core model for the application.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/bluemarine2/it-tidalwave-bluemarine2-model/1.1-ALPHA-1/it-tidalwave-bluemarine2-model-1.1-ALPHA-1.jar
MD5: b5054e83856058deb7aa52409e9ea67d
SHA1: 97bbf8594aabfb7d85aca8daef6f0ccf404d6e8c
SHA256:f18ccf14a88ce48db2c5e4fe54fcacbe4ac5c9c975f7c198e2dabe4f455c78fa
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-bluemarine2-persistence-1.1-ALPHA-1.jar

Description:

        The implementation of RDF persistence.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/bluemarine2/it-tidalwave-bluemarine2-persistence/1.1-ALPHA-1/it-tidalwave-bluemarine2-persistence-1.1-ALPHA-1.jar
MD5: 5a44b650d03c8141505c755563ebd6a2
SHA1: de11aa5ead48f9e6b8a0ae86372906b3680a5238
SHA256:ccd2be9b26d20152a11c87ef7026e726dbef821cf966ddedda6b840ca34caa67
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-bluemarine2-ui-1.1-ALPHA-1.jar

Description:

        The abstract model of the User Interface.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/bluemarine2/it-tidalwave-bluemarine2-ui/1.1-ALPHA-1/it-tidalwave-bluemarine2-ui-1.1-ALPHA-1.jar
MD5: bd92946dea5e2041dff6e8bfaae776d9
SHA1: fbc2e1eef16915c01e715f9e6c217b5184d962e2
SHA256:fcc4521f3ea1928a78e736c5090cadd5e1bd3674b02e09090393af9c1fc7113b
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-bluemarine2-vocabulary-1.1-ALPHA-1.jar

Description:

        A collection of semantic elements for the database.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/bluemarine2/it-tidalwave-bluemarine2-vocabulary/1.1-ALPHA-1/it-tidalwave-bluemarine2-vocabulary-1.1-ALPHA-1.jar
MD5: 6687e82a11c5d2debbb78283341d13b1
SHA1: 9c428ccc2eb12149d6984f656d7526c59da5e8d2
SHA256:04deb665a70841f40ac7e5f4b1d43fb3a664315159ac9d13dc56dd690b546317
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-messagebus-3.2-ALPHA-11.jar

Description:

        An abstract description of a simple message bus to be used within an application.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-messagebus/3.2-ALPHA-11/it-tidalwave-messagebus-3.2-ALPHA-11.jar
MD5: 5e429b1fdc1357593bdbe4ae2e43eb73
SHA1: 6359be911f918b89a7f164e11c91a953a29d7072
SHA256:d9d982eea5a0bbdb8769ad675866b3324e544eeeba7a3b1a241bffdf557c5cf0
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-messagebus-spring-3.2-ALPHA-11.jar

Description:

        A Spring implementation of a simple message bus to be used within an application.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-messagebus-spring/3.2-ALPHA-11/it-tidalwave-messagebus-spring-3.2-ALPHA-11.jar
MD5: 834a621cb0ac1cc5ee479dbf63631627
SHA1: 7bdeee0717482d985703c445d3eeed39914db684
SHA256:8ad4ec01a28fd88643e030c44f750c4856070c374e875d1d6ea592e29f03ca02
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-role-3.2-ALPHA-11.jar

Description:

        Roles are a powerful way for designing complex behaviours while keeping good practices such as Single Responsibility, Dependency Inversion and
        Interface Segregation.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-role/3.2-ALPHA-11/it-tidalwave-role-3.2-ALPHA-11.jar
MD5: 80ba630d9714bee82e8ec9e143a4b3c9
SHA1: 1ca57201c455a955a9995ab1d48289fed76d8800
SHA256:7e847b7a3d662155d47077626d315bd75d42f28300b22db54d7cfb9fed031d0a
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-role-spring-3.2-ALPHA-11.jar

Description:

        Specific Spring support for DCI roles.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-role-spring/3.2-ALPHA-11/it-tidalwave-role-spring-3.2-ALPHA-11.jar
MD5: ac8fa9eba8d4662b7087daa65f0ccb06
SHA1: efbb2304fffe6760b83a31e2e5fcecf9512406b3
SHA256:105ec6e5a8ec86429c3b4768f01814dca461dd133e6d37e3c96acd9aa8b06c2e
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-role-ui-javafx-1.1-ALPHA-2.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/steelblue/it-tidalwave-role-ui-javafx/1.1-ALPHA-2/it-tidalwave-role-ui-javafx-1.1-ALPHA-2.jar
MD5: 04595283cb55863ac87a817253ca60ae
SHA1: e189745e52eac13dc6000594214142da2d64ffb8
SHA256:a09c323a23445fff711856d3389ce841a0a52c3bed83c2c00fc37d5ebe567bef
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

it-tidalwave-util-3.2-ALPHA-11.jar

Description:

        A collection of common utilities.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-util/3.2-ALPHA-11/it-tidalwave-util-3.2-ALPHA-11.jar
MD5: 177cfe76d9466ac36a64135f63fb3b11
SHA1: 1a9d9cd4f18be3e11f7b6a43b767f5d3a0f5dbde
SHA256:c2a653eccad40eef79de288779dc5e30999b15e2d68d561b82c7e8bf9356aeab
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

jackson-core-2.12.2.jar

Description:

Core Jackson processing abstractions (aka Streaming API), implementation for JSON

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/fasterxml/jackson/core/jackson-core/2.12.2/jackson-core-2.12.2.jar
MD5: d9c1faa07f50abade5c796de00c4b23c
SHA1: 8df50138521d05561a308ec2799cc8dda20c06df
SHA256:7883331763729b72735fdd8a117f32eb7d22695babfb37cc99df8392c196efc3
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

jackson-databind-2.12.2.jar

Description:

General data-binding functionality for Jackson: works on core streaming API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/fasterxml/jackson/core/jackson-databind/2.12.2/jackson-databind-2.12.2.jar
MD5: 8ce740ce76d0b2b0f6e4a13f4dc58c4f
SHA1: 5f9d79e09ebf5d54a46e9f4543924cf7ae7654e0
SHA256:c4002f861d8d33f3202bf8effabb53acc320c5276cc50c1bfaae73c36ce8db32
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

jaudiotagger-2.2.5.jar

Description:

    The aim of this project is to provide a world class Java library
    for editing tag information in audio files.
    Most existing solutions are not java based inhibiting the use of
    java applications with digital files.
   

License:

LGPL: http://www.gnu.org/copyleft/lesser.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/net/jthink/jaudiotagger/2.2.5/jaudiotagger-2.2.5.jar
MD5: 192fd43df458a04d32b215e38489f8ae
SHA1: e9a1c27942a89439e3f8dca737075b7a354a46e1
SHA256:ccf8dc43a2846de375c97e834114b904febc3f4792e103692149a2498d5e390d
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-base-11.0.1-mac.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-base/11.0.1/javafx-base-11.0.1-mac.jar
MD5: 94933060e439fba99478e14fcf2d1b02
SHA1: 2b9ca67aea06b0ea7aa0e740498fc97c822b307e
SHA256:2d8052a08fd2e5d98e1d5a16d724ea5dd02102879de20a193225f57199803983
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-base-11.0.1.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-base/11.0.1/javafx-base-11.0.1.jar
MD5: b85ce0631dae83fe643fbd32ccd08e4c
SHA1: f1354a284f4151d20358e776f6ff68ee35bbb96d
SHA256:c5084a74417a89c69a0c122fae96a4b70bf619fc3d6218ea102a4047ec85ad04
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-controls-11.0.1-mac.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-controls/11.0.1/javafx-controls-11.0.1-mac.jar
MD5: f321c782b9bf158a630cb0a7bea73644
SHA1: 0538fd08a4ecd76788766a69c19e90b4cc0179f8
SHA256:148468742e957b765d5ac6d5ba66ce983e1acdf582c191bb35dbfe8cdefdb314
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-controls-11.0.1.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-controls/11.0.1/javafx-controls-11.0.1.jar
MD5: 2e18fc95e4aa7ce325cefa67b9f61f3d
SHA1: 61cf91bf3494d0616216f49c9e1d183d170adf0a
SHA256:71be28dc4d80744ba541fc50d933729e8703fe1e642ae92037f6fccc7f961971
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-fxml-11.0.1-mac.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-fxml/11.0.1/javafx-fxml-11.0.1-mac.jar
MD5: a835057792b4fc1aa7d6c4bea9547add
SHA1: 352a51a0f0cb13cf83a081b5dd5526acd4fbab30
SHA256:56f9a32b3a1fc76c761bd40c16917ed1675c8d5dcbe492a44ce9ee2391e27139
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-fxml-11.0.1.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-fxml/11.0.1/javafx-fxml-11.0.1.jar
MD5: 6e4c64769d877a47edbdd0023d89a074
SHA1: f290c13d7e984d880c9f114f38c2da949ef18d54
SHA256:546fc449f01cd0bbe51a921f9d3f0e5d8764764480caca4a709e681e7ad0b6cf
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-graphics-11.0.1-mac.jar: javafx-swt.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-graphics/11.0.1/javafx-graphics-11.0.1-mac.jar/javafx-swt.jar
MD5: ee1545edcd485b34080e9389f2f86b5e
SHA1: c12e9a9d5ad723c3e2b60651659b0290d68d9e48
SHA256:a7432e9a357e03571ded2ef3d148086b92c297605797bcb31d37eb95b4779317
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

  • None

javafx-graphics-11.0.1.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-graphics/11.0.1/javafx-graphics-11.0.1.jar
MD5: ff0579b2b89bfc26f6eb73f812076a1b
SHA1: e062cb01783effc6413abbd94d1838f6b0add209
SHA256:f597c672a4337a75ba856f38cf548c524b039f452423c34b55653e56c306733d
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-media-11.0.1-mac.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-media/11.0.1/javafx-media-11.0.1-mac.jar
MD5: 0fe8c8a554463368c7534af091814066
SHA1: bc699ffbb3f3b7862ad4399e8696809eda796d60
SHA256:8aaacfdf086006100b43a81c1d2e818f58b4dace8037c932fad2b8adb95beee7
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javafx-media-11.0.1.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/openjfx/javafx-media/11.0.1/javafx-media-11.0.1.jar
MD5: 3c64d2f98b177ba5e63df8f92eeac962
SHA1: fd095047b7d06f6c7b16afe8cf9dffccab5d4494
SHA256:e15b9abf2b4a339a30984d815df62ca91d04fdd77c45401cbdbbb073dfa1d924
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javax.annotation-api-1.3.2.jar

Description:

Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://github.com/javaee/javax.annotation/blob/master/LICENSE
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/annotation/javax.annotation-api/1.3.2/javax.annotation-api-1.3.2.jar
MD5: 2ab1973eefffaa2aeec47d50b9e40b9d
SHA1: 934c04d3cfef185a8008e7bf34331b79730a9d43
SHA256:e04ba5195bcd555dc95650f7cc614d151e4bcd52d29a10b8aa2197f3ab89ab9b
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

javax.inject-1.jar

Description:

The javax.inject API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

jaxb-api-2.2.11.jar

Description:

JAXB (JSR 222) API

License:

CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/xml/bind/jaxb-api/2.2.11/jaxb-api-2.2.11.jar
MD5: 5983d1e2ec1a9b0604575cd9e9582591
SHA1: 32274d4244967ff43e7a5d967743d94ed3d2aea7
SHA256:273d82f8653b53ad9d00ce2b2febaef357e79a273560e796ff3fcfec765f8910
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

jaxb-core-2.2.11.jar

Description:

Old JAXB Core module. Contains sources required by XJC, JXC and Runtime modules with dependencies.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-core/2.2.11/jaxb-core-2.2.11.jar
MD5: c5eca4e58a75eabe3379926803421bab
SHA1: c3f87d654f8d5943cd08592f3f758856544d279a
SHA256:b13da0c655a3d590a2a945553648c407e6347648c9f7a3f811b7b3a8a1974baa
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

jaxb-core-2.2.11.jar (shaded: com.sun.istack:istack-commons-runtime:2.21)

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-core/2.2.11/jaxb-core-2.2.11.jar/META-INF/maven/com.sun.istack/istack-commons-runtime/pom.xml
MD5: caebf95d1d57fc0321b36137e246e192
SHA1: 04c234cf684a202c5c9bb7f0a198ba97e958f8f4
SHA256:ebe7137b5fbfd050545f9a7f3f339ae55beb0b53755071b4fd62aa024c626d1c
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:txw2:2.2.11)

Description:

        TXW is a library that allows you to write XML documents.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-core/2.2.11/jaxb-core-2.2.11.jar/META-INF/maven/org.glassfish.jaxb/txw2/pom.xml
MD5: 83d24d59202baf2810daa01739963822
SHA1: 4be03527dbf2428f7ea99fb9c2f50f089dffad5e
SHA256:8514cb724b4fca59a5cf272b632e539bd0a0f3cacf1844082d0a173a86406bd8
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

jaxb-impl-2.2.11.jar

Description:

Old JAXB Runtime module. Contains sources required for runtime processing.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-impl/2.2.11/jaxb-impl-2.2.11.jar
MD5: bea06b3ee5ef2c338beac9187b7782f3
SHA1: a49ce57aee680f9435f49ba6ef427d38c93247a6
SHA256:f91793a96f185a2fc004c86a37086f060985854ce6b19935e03c4de51e3201d2
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

jaxb-impl-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.2.11)

Description:

JAXB (JSR 222) Reference Implementation

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-impl/2.2.11/jaxb-impl-2.2.11.jar/META-INF/maven/org.glassfish.jaxb/jaxb-runtime/pom.xml
MD5: fa2e4dc2609e6a4d96418f4ac6519e8d
SHA1: 6a1651361e4c2392aff30da0df648187f670f8cb
SHA256:e5327b31b595ab8143e97836d5ccdf85feb91e7ff5666f7b26913632facca4aa
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

jcl-over-slf4j-1.7.30.jar

Description:

JCL 1.2 implemented over SLF4J

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/jcl-over-slf4j/1.7.30/jcl-over-slf4j-1.7.30.jar
MD5: 69ad224b2feb6f86554fe8997b9c3d4b
SHA1: cd92524ea19d27e5b94ecd251e1af729cffdfe15
SHA256:71e9ee37b9e4eb7802a2acc5f41728a4cf3915e7483d798db3b4ff2ec8847c50
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

jsonld-java-0.8.3.jar

Description:

Json-LD core implementation

License:

https://raw.github.com/jsonld-java/jsonld-java/master/LICENCE
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/github/jsonld-java/jsonld-java/0.8.3/jsonld-java-0.8.3.jar
MD5: 2bb1918de0760e21660f548cc5fedddf
SHA1: 214e8c5ac2ccadbf7c9c9f80ce8b720a5e0d6b25
SHA256:ee0affd3325c623dfef89c48ded3ea98a19bae90ba26ecd615358dd47cd311be
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

jul-to-slf4j-1.7.30.jar

Description:

JUL to SLF4J bridge

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/jul-to-slf4j/1.7.30/jul-to-slf4j-1.7.30.jar
MD5: f2c78cb93d70dc5dea0c50f36ace09c1
SHA1: d58bebff8cbf70ff52b59208586095f467656c30
SHA256:bbcbfdaa72572255c4f85207a9bfdb24358dc993e41252331bd4d0913e4988b9
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

logback-core-1.2.3.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar
MD5: 841fc80c6edff60d947a3872a2db4d45
SHA1: 864344400c3d4d92dfeb0a305dc87d953677c03c
SHA256:5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

lombok-1.18.18.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/projectlombok/lombok/1.18.18/lombok-1.18.18.jar
MD5: 6a157cf72924f8d135dcd6c571bf0405
SHA1: 481f5bfed3ae29f656eedfe9e98c8365b8ba5c57
SHA256:601ec46206e0f9cac2c0583b3350e79f095419c395e991c761640f929038e9cc
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:provided

Identifiers

mapdb-1.0.8.jar

Description:

MapDB provides concurrent Maps, Sets and Queues backed by disk storage or off-heap memory. It is a fast, scalable and easy to use embedded Java database.

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/mapdb/mapdb/1.0.8/mapdb-1.0.8.jar
MD5: aaea7b500b214a08b2dc61d38d04024e
SHA1: 64485a221d9095fc7ab9b50cc34c6b4b58467e2e
SHA256:e757738f3a0867d7d9a1f1532bf7ca09eab02f032767eb403c991cb4e09c4fe0
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

opencsv-3.2.jar

Description:

A simple library for reading and writing CSV in Java

License:

Apache 2: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/opencsv/opencsv/3.2/opencsv-3.2.jar
MD5: ae00a81a37f8a4102b5d265e7d5a872e
SHA1: 11986807ecb3288728bdb33a3165ce84f057d7a4
SHA256:8da30a0838a09ae8a3d4e8bffa42a787ec462dfe824da043d1d625ae7e4c7c94
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

rdf4j-spin-2.1.4.jar

Description:

SPARQL input notation interfaces and implementations

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/eclipse/rdf4j/rdf4j-spin/2.1.4/rdf4j-spin-2.1.4.jar
MD5: 4cf3ed3b0340e6701e99e59b6bf127bd
SHA1: bc0a1f5bea07048cac86e4c570faaf5bace180b1
SHA256:df8614f35f6eeb51fc49cb09cba85116cb0c0a19019db99f5e64338b2944600e
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

CVE-2018-1000644  

Eclipse RDF4j version < 2.4.0 Milestone 2 contains a XML External Entity (XXE) vulnerability in RDF4j XML parser parsing RDF files that can result in the disclosure of confidential data, denial of service, server side request forgery, port scanning. This attack appear to be exploitable via Specially crafted RDF file.
CWE-611 Improper Restriction of XML External Entity Reference ('XXE')

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (10.0)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

slf4j-api-1.7.30.jar

Description:

The slf4j API

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/slf4j-api/1.7.30/slf4j-api-1.7.30.jar
MD5: f8be00da99bc4ab64c79ab1e2be7cb7c
SHA1: b5a4b6d16ab13e34a88fae84c35cd5d68cac922c
SHA256:cdba07964d1bb40a0761485c6b1e8c2f8fd9eb1d19c53928ac0d7f9510105c57
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

spatial4j-0.4.1.jar

Description:

    Spatial4j is a general purpose spatial / geospatial ASL licensed open-source Java library. It's
    core capabilities are 3-fold: to provide common geospatially-aware shapes, to provide distance
    calculations and other math, and to read shapes in WKT format.
  

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/spatial4j/spatial4j/0.4.1/spatial4j-0.4.1.jar
MD5: 7eafc2e18e82d7a38cb800be2dc9d678
SHA1: 4234d12b1ba4d4b539fb3e29edd948a99539d9eb
SHA256:c467b888bf475495a86a0f4491cb87f80f584e7646cafc7686489f81bce371bc
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:runtime

Identifiers

spotbugs-annotations-3.1.9.jar

Description:

Annotations the SpotBugs tool supports

License:

GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/github/spotbugs/spotbugs-annotations/3.1.9/spotbugs-annotations-3.1.9.jar
MD5: 56a1a81d69b6a111161bbce0e6dea26a
SHA1: 2ef5127efcc1a899aab8c66d449a631c9a99c469
SHA256:68c7c46b4299e94837e236ae742f399901a950fe910fe3ca710026753b5dd2e1
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers

spring-core-5.3.1.jar

Description:

Spring Core

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-core/5.3.1/spring-core-5.3.1.jar
MD5: df36706fc74458c9c28e97aca7fae409
SHA1: 47af5b161749cd249fc074b4f140e011a3337efd
SHA256:6ee995055163c59703be237be59f0565acb97c9d42c5d60df2bf3a4b4c6ef6e9
Referenced In Project/Scope:blueMarine II :: UI :: JavaFX:compile

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the NPM Public Advisories.
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.