Dependency-Check is an open source tool performing a best effort analysis of 3rd party dependencies; false positives and false negatives may exist in the analysis performed by the tool. Use of the tool and the reporting provided constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to the analysis or its use. Any use of the tool and the reporting provided is at the user’s risk. In no event shall the copyright holder or OWASP be held liable for any damages whatsoever arising out of or in connection with the use of this tool, the analysis performed, or the resulting report.

How to read the report | Suppressing false positives | Getting Help: github issues

Project: NorthernWind :: Frontend :: Webapp :: Commons

it.tidalwave.northernwind:it-tidalwave-northernwind-frontend-webapp-commons:1.2-ALPHA-8

Scan Information (show all):

Summary

Display: Showing Vulnerable Dependencies (click to show all)

DependencyVulnerability IDsPackageHighest SeverityCVE CountConfidenceEvidence Count
ST4-4.1.jarpkg:maven/org.antlr/ST4@4.1 016
activation-1.1.1.jarpkg:maven/javax.activation/activation@1.1.1 025
antlr-runtime-3.5.2.jarpkg:maven/org.antlr/antlr-runtime@3.5.2 025
aspectjrt-1.9.6.jarpkg:maven/org.aspectj/aspectjrt@1.9.6 023
commons-io-2.4.jarpkg:maven/commons-io/commons-io@2.4 036
commons-math3-3.0.jarpkg:maven/org.apache.commons/commons-math3@3.0 037
it-tidalwave-html-patches-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-html-patches@1.2-ALPHA-8 023
it-tidalwave-messagebus-3.2-ALPHA-6.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-messagebus@3.2-ALPHA-6 023
it-tidalwave-messagebus-spring-3.2-ALPHA-6.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-messagebus-spring@3.2-ALPHA-6 023
it-tidalwave-northernwind-core-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core@1.2-ALPHA-8 025
it-tidalwave-northernwind-core-default-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core-default@1.2-ALPHA-8 025
it-tidalwave-northernwind-core-filesystem-basic-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core-filesystem-basic@1.2-ALPHA-8 023
it-tidalwave-northernwind-core-filesystem-git-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core-filesystem-git@1.2-ALPHA-8 023
it-tidalwave-northernwind-core-filesystem-hg-1.2-ALPHA-8.jarcpe:2.3:a:mercurial:mercurial:1.2:alpha:*:*:*:*:*:*pkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core-filesystem-hg@1.2-ALPHA-8CRITICAL17Low23
it-tidalwave-northernwind-core-filesystem-scm-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core-filesystem-scm@1.2-ALPHA-8 023
it-tidalwave-northernwind-core-marshalling-default-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core-marshalling-default@1.2-ALPHA-8 025
it-tidalwave-northernwind-core-profiling-1.2-ALPHA-8.jarpkg:maven/it.tidalwave.northernwind/it-tidalwave-northernwind-core-profiling@1.2-ALPHA-8 025
it-tidalwave-role-3.2-ALPHA-6.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-role@3.2-ALPHA-6 023
it-tidalwave-role-spring-3.2-ALPHA-6.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-role-spring@3.2-ALPHA-6 025
it-tidalwave-util-3.2-ALPHA-6.jarpkg:maven/it.tidalwave.thesefoolishthings/it-tidalwave-util@3.2-ALPHA-6 023
javax.annotation-api-1.3.2.jarpkg:maven/javax.annotation/javax.annotation-api@1.3.2 039
javax.inject-1.jarpkg:maven/javax.inject/javax.inject@1 019
jaxb-api-2.2.11.jarpkg:maven/javax.xml.bind/jaxb-api@2.2.11 042
jaxb-core-2.2.11.jarpkg:maven/com.sun.xml.bind/jaxb-core@2.2.11
pkg:maven/org.glassfish.jaxb/jaxb-core@2.2.11
 044
jaxb-core-2.2.11.jar (shaded: com.sun.istack:istack-commons-runtime:2.21)pkg:maven/com.sun.istack/istack-commons-runtime@2.21 011
jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:txw2:2.2.11)pkg:maven/org.glassfish.jaxb/txw2@2.2.11 011
jaxb-impl-2.2.11.jarpkg:maven/com.sun.xml.bind/jaxb-impl@2.2.11 040
jaxb-impl-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.2.11)pkg:maven/org.glassfish.jaxb/jaxb-runtime@2.2.11 011
jcl-over-slf4j-1.7.30.jarpkg:maven/org.slf4j/jcl-over-slf4j@1.7.30 033
jsr305-3.0.2.jarpkg:maven/com.google.code.findbugs/jsr305@3.0.2 017
jul-to-slf4j-1.7.30.jarpkg:maven/org.slf4j/jul-to-slf4j@1.7.30 028
logback-core-1.2.3.jarcpe:2.3:a:logback:logback:1.2.3:*:*:*:*:*:*:*pkg:maven/ch.qos.logback/logback-core@1.2.3 0Highest32
lombok-1.18.18.jarpkg:maven/org.projectlombok/lombok@1.18.18 024
org-openide-filesystems-RELEASE80.jarpkg:maven/org.netbeans.api/org-openide-filesystems@RELEASE80 024
org-openide-util-RELEASE80.jarpkg:maven/org.netbeans.api/org-openide-util@RELEASE80 022
org-openide-util-lookup-RELEASE80.jarpkg:maven/org.netbeans.api/org-openide-util-lookup@RELEASE80 022
slf4j-api-1.7.30.jarpkg:maven/org.slf4j/slf4j-api@1.7.30 029
spotbugs-annotations-3.1.9.jarpkg:maven/com.github.spotbugs/spotbugs-annotations@3.1.9 021
spring-core-5.3.1.jarcpe:2.3:a:pivotal_software:spring_framework:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:springsource:spring_framework:5.3.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:springsource_spring_framework:5.3.1:*:*:*:*:*:*:*
pkg:maven/org.springframework/spring-core@5.3.1 0Highest31

Dependencies

ST4-4.1.jar

Description:

StringTemplate is a java template engine for generating source code,
		web pages, emails, or any other formatted text output.

		StringTemplate is particularly good at multi-targeted code generators,
		multiple site skins, and internationalization/localization.

		It evolved over years of effort developing jGuru.com.

		StringTemplate also powers the ANTLR 3 and 4 code generator. Its distinguishing characteristic
		is that unlike other engines, it strictly enforces model-view separation.

		Strict separation makes websites and code generators more flexible
		and maintainable; it also provides an excellent defense against malicious
		template authors.
	

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/antlr/ST4/4.1/ST4-4.1.jar
MD5: 0ed049972a799b12d8bd57031a48522a
SHA1: 467d508be07a542ad0a68ffcaed2d561c5fb2e0c
SHA256:8b1ccaed9edc55cd255d9c19c4d8da4756d9b6fcb435671292b43470b16d75d8
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

activation-1.1.1.jar

Description:

The JavaBeans(TM) Activation Framework is used by the JavaMail(TM) API to manage MIME data

License:

COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.0: https://glassfish.dev.java.net/public/CDDLv1.0.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/activation/activation/1.1.1/activation-1.1.1.jar
MD5: 46a37512971d8eca81c3fcf245bf07d2
SHA1: 485de3a253e23f645037828c07f1d7f1af40763a
SHA256:ae475120e9fcd99b4b00b38329bd61cdc5eb754eee03fe66c01f50e137724f99
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

antlr-runtime-3.5.2.jar

Description:

A framework for constructing recognizers, compilers, and translators from grammatical descriptions containing Java, C#, C++, or Python actions.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/antlr/antlr-runtime/3.5.2/antlr-runtime-3.5.2.jar
MD5: 1fbbae2cb72530207c20b797bdabd029
SHA1: cd9cd41361c155f3af0f653009dcecb08d8b4afd
SHA256:ce3fc8ecb10f39e9a3cddcbb2ce350d272d9cd3d0b1e18e6fe73c3b9389c8734
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

aspectjrt-1.9.6.jar

Description:

The runtime needed to execute a program using AspectJ

License:

Eclipse Public License - v 1.0: http://www.eclipse.org/legal/epl-v10.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/aspectj/aspectjrt/1.9.6/aspectjrt-1.9.6.jar
MD5: 391f9257f19b84b45eb79a1878b9600a
SHA1: 1651849d48659e5703adc2599e694bf67b8c3fc4
SHA256:20c785678cbb4ee045914daf83da25f98a16071177dfa0e3451326723dfb4705
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

commons-io-2.4.jar

Description:

The Commons IO library contains utility classes, stream implementations, file filters, 
file comparators, endian transformation classes, and much more.
  

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/commons-io/commons-io/2.4/commons-io-2.4.jar
MD5: 7f97854dc04c119d461fed14f5d8bb96
SHA1: b1b6ea3b7e4aa4f492509a4952029cd8e48019ad
SHA256:cc6a41dc3eaacc9e440a6bd0d2890b20d36b4ee408fe2d67122f328bb6e01581
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

commons-math3-3.0.jar

Description:

The Math project is a library of lightweight, self-contained mathematics and statistics components addressing the most common practical problems not immediately available in the Java programming language or commons-lang.

License:

http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/apache/commons/commons-math3/3.0/commons-math3-3.0.jar
MD5: 1c32031c57f7ad9a99fef07bcf1209e8
SHA1: 5f8d1d720333aa9a7dee1c949ea70d9ed7da6106
SHA256:0bde674d932bfc7f048390f86ceb631cf1e8790de7163c0e7bb22409599a38db
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-html-patches-1.2-ALPHA-8.jar

Description:

Some patched classes for manipulating HTML.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-html-patches/1.2-ALPHA-8/it-tidalwave-html-patches-1.2-ALPHA-8.jar
MD5: 3a8d9b99fc3e09b9fcd643e2df15afd3
SHA1: ed595aec10c39a7c2fafd2214f0f36658dbbdc7c
SHA256:5149fbc0e2e5ece6e9f025bbfbf80ef12b8cd229ac080873b9d7b4f45587a736
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-messagebus-3.2-ALPHA-6.jar

Description:

        An abstract description of a simple message bus to be used within an application.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-messagebus/3.2-ALPHA-6/it-tidalwave-messagebus-3.2-ALPHA-6.jar
MD5: f8289ebe8e12ad7a528e05786a3c99e1
SHA1: dd15d636a557416da013e792706224c81a37deb2
SHA256:bd7ef16bf96bd0888d51910aee92c55f7b8b753acdd40e0cbac1bebd26e5dff9
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-messagebus-spring-3.2-ALPHA-6.jar

Description:

        A Spring implementation of a simple message bus to be used within an application.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-messagebus-spring/3.2-ALPHA-6/it-tidalwave-messagebus-spring-3.2-ALPHA-6.jar
MD5: 796a60b7032505b98fb2eaa2c53a8ea9
SHA1: f4992daced01cacb72f6beac8ee0d398afd0b2c3
SHA256:2147fbde19f76282c5f53cf8147ec7414d874c8fc1a4066ff2a6cef00e4c6658
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-northernwind-core-1.2-ALPHA-8.jar

Description:

Contains the interfaces of the Core.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core/1.2-ALPHA-8/it-tidalwave-northernwind-core-1.2-ALPHA-8.jar
MD5: a4286bdaaa0521173f9b410ab091f256
SHA1: 7fd88ada6040d185ac501a897373e095f6847a4c
SHA256:63042a320e4c70327ca139a5c6e02bafad0e27669fb8a943c14dda42f0ea571b
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-northernwind-core-default-1.2-ALPHA-8.jar

Description:

A default implementation of the Core.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core-default/1.2-ALPHA-8/it-tidalwave-northernwind-core-default-1.2-ALPHA-8.jar
MD5: 6868e1cf7f08f3372a9ba78023b0aa38
SHA1: 768d6ab586a786ef7dee1d2c402c21c7b5e8de42
SHA256:4562fc80c6c48ecc6143e06c4062762589593becad35cdb27428ba0f9cd75077
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-northernwind-core-filesystem-basic-1.2-ALPHA-8.jar

Description:

The implementation of some basic filesystems.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core-filesystem-basic/1.2-ALPHA-8/it-tidalwave-northernwind-core-filesystem-basic-1.2-ALPHA-8.jar
MD5: bbd310c9335ef9b6ce4a25299ad20c21
SHA1: 5365300a7ab39e8e8cefb3286b7f57eb00e863f7
SHA256:ee492865e61a26ce4d0b5477ee487460adad8a52e42759b449332f1a7a38d9b6
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-northernwind-core-filesystem-git-1.2-ALPHA-8.jar

Description:

The implementation of the Git filesystem.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core-filesystem-git/1.2-ALPHA-8/it-tidalwave-northernwind-core-filesystem-git-1.2-ALPHA-8.jar
MD5: 1d1b71dcbbb784dc3ca746224f75628e
SHA1: c92b5a537e748ef5bf5744fde1490a568b41aae9
SHA256:8a29a1b2fdab4fcf5fe7e69aa6480bf74cf8ec471e98bd9b4bb443aa0631222b
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-northernwind-core-filesystem-hg-1.2-ALPHA-8.jar

Description:

The implementation of the Mercurial filesystem.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core-filesystem-hg/1.2-ALPHA-8/it-tidalwave-northernwind-core-filesystem-hg-1.2-ALPHA-8.jar
MD5: 35814a0b37d8e3bd78761d3a69b1fa09
SHA1: a94be5d6a854f0fc81ff02d2058abf41875a798b
SHA256:99b75e61dbef7f13bacb257ccaaba28586c03f64f328b8e6944454bbab6fe7ca
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

CVE-2010-4237  

Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote attackers who acquire a certificate signed by a Certificate Authority to perform a man-in-the-middle attack.
CWE-295 Improper Certificate Validation

CVSSv2:
  • Base Score: MEDIUM (4.3)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions:

CVE-2014-9390  

Git before 1.8.5.6, 1.9.x before 1.9.5, 2.0.x before 2.0.5, 2.1.x before 2.1.4, and 2.2.x before 2.2.1 on Windows and OS X; Mercurial before 3.2.3 on Windows and OS X; Apple Xcode before 6.2 beta 3; mine all versions before 08-12-2014; libgit2 all versions up to 0.21.2; Egit all versions before 08-12-2014; and JGit all versions before 08-12-2014 allow remote Git servers to execute arbitrary commands via a tree containing a crafted .git/config file with (1) an ignorable Unicode codepoint, (2) a git~1/config representation, or (3) mixed case that is improperly handled on a case-insensitive filesystem.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2014-9462  

The _validaterepo function in sshpeer in Mercurial before 3.2.4 allows remote attackers to execute arbitrary commands via a crafted repository name in a clone command.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P

References:

Vulnerable Software & Versions:

CVE-2016-3068  

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2016-3069  

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted name when converting a Git repository.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2016-3105  

The convert extension in Mercurial before 3.8 might allow context-dependent attackers to execute arbitrary code via a crafted git repository name.
CWE-284 Improper Access Control

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2016-3630  

The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, or (3) pull command, related to (a) a list sizing rounding error and (b) short records.
CWE-19 Data Processing Errors

CVSSv2:
  • Base Score: MEDIUM (6.8)
  • Vector: /AV:N/AC:M/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions: (show all)

CVE-2017-1000115  

Mercurial prior to version 4.3 is vulnerable to a missing symlink check that can malicious repositories to modify files outside the repository
CWE-59 Improper Link Resolution Before File Access ('Link Following')

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions:

CVE-2017-1000116  

Mercurial prior to 4.3 did not adequately sanitize hostnames passed to ssh, leading to possible shell-injection attacks.
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSSv2:
  • Base Score: HIGH (10.0)
  • Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-17458  

In Mercurial before 4.4.1, it is possible that a specially malformed repository can cause Git subrepositories to run arbitrary code in the form of a .git/hooks/post-update script checked into the repository. Typical use of Mercurial prevents construction of such repositories, but they can be created programmatically.
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')

CVSSv2:
  • Base Score: HIGH (10.0)
  • Vector: /AV:N/AC:L/Au:N/C:C/I:C/A:C
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2017-9462  

In Mercurial before 4.1.3, "hg serve --stdio" allows remote authenticated users to launch the Python debugger, and consequently execute arbitrary code, by using --debugger as a repository name.
CWE-732 Incorrect Permission Assignment for Critical Resource

CVSSv2:
  • Base Score: HIGH (9.0)
  • Vector: /AV:N/AC:L/Au:S/C:C/I:C/A:C
CVSSv3:
  • Base Score: HIGH (8.8)
  • Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2018-1000132  

Mercurial version 4.5 and earlier contains a Incorrect Access Control (CWE-285) vulnerability in Protocol server that can result in Unauthorized data access. This attack appear to be exploitable via network connectivity. This vulnerability appears to have been fixed in 4.5.1.
CWE-732 Incorrect Permission Assignment for Critical Resource

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:N
CVSSv3:
  • Base Score: CRITICAL (9.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

References:

Vulnerable Software & Versions:

CVE-2018-13346  

The mpatch_apply function in mpatch.c in Mercurial before 4.6.1 incorrectly proceeds in cases where the fragment start is past the end of the original data, aka OVE-20180430-0004.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions:

CVE-2018-13347  

mpatch.c in Mercurial before 4.6.1 mishandles integer addition and subtraction, aka OVE-20180430-0002.
CWE-190 Integer Overflow or Wraparound

CVSSv2:
  • Base Score: HIGH (7.5)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSSv3:
  • Base Score: CRITICAL (9.8)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Vulnerable Software & Versions:

CVE-2018-13348  

The mpatch_decode function in mpatch.c in Mercurial before 4.6.1 mishandles certain situations where there should be at least 12 bytes remaining after the current position in the patch data, but actually are not, aka OVE-20180430-0001.
CWE-20 Improper Input Validation

CVSSv2:
  • Base Score: MEDIUM (5.0)
  • Vector: /AV:N/AC:L/Au:N/C:N/I:P/A:N
CVSSv3:
  • Base Score: HIGH (7.5)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions:

CVE-2018-17983  

cext/manifest.c in Mercurial before 4.7.2 has an out-of-bounds read during parsing of a malformed manifest entry.
CWE-125 Out-of-bounds Read

CVSSv2:
  • Base Score: MEDIUM (6.4)
  • Vector: /AV:N/AC:L/Au:N/C:P/I:N/A:P
CVSSv3:
  • Base Score: CRITICAL (9.1)
  • Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

References:

Vulnerable Software & Versions:

CVE-2019-3902  

A flaw was found in Mercurial before 4.9. It was possible to use symlinks and subrepositories to defeat Mercurial's path-checking logic and write files outside a repository.
CWE-59 Improper Link Resolution Before File Access ('Link Following')

CVSSv2:
  • Base Score: MEDIUM (5.8)
  • Vector: /AV:N/AC:M/Au:N/C:N/I:P/A:P
CVSSv3:
  • Base Score: MEDIUM (5.9)
  • Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

References:

Vulnerable Software & Versions:

it-tidalwave-northernwind-core-filesystem-scm-1.2-ALPHA-8.jar

Description:

Support classes for SCM filesystems.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core-filesystem-scm/1.2-ALPHA-8/it-tidalwave-northernwind-core-filesystem-scm-1.2-ALPHA-8.jar
MD5: d91528b87e52b40abe1f0bdcd22fdeb1
SHA1: 0e8a50d4786fe36d9854cd6dd0a05322c76471f0
SHA256:74e027c5bcd1c0b76b19a5e5579252e60bc784823ad692fd250c39a0796ffaf1
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-northernwind-core-marshalling-default-1.2-ALPHA-8.jar

Description:

The default implementation of marshalling for some Core classes.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core-marshalling-default/1.2-ALPHA-8/it-tidalwave-northernwind-core-marshalling-default-1.2-ALPHA-8.jar
MD5: 7427a83bc01b5a5cd19411afc05db861
SHA1: 486e5bbe1cf08860ca108122aa7559971df4ff1a
SHA256:adf504a019d4a2297d8420c7aba25819ef6fd607e9e40c2efd73a543b41e994d
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-northernwind-core-profiling-1.2-ALPHA-8.jar

Description:

This module collects elapsed times for processing requests and builds up some statistics.

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/northernwind/it-tidalwave-northernwind-core-profiling/1.2-ALPHA-8/it-tidalwave-northernwind-core-profiling-1.2-ALPHA-8.jar
MD5: 1ef1bededccf716f86f3d1516a11c435
SHA1: 75c864aa45879789c55c906cb139f3dd30b9587c
SHA256:363eb0653b839ba5f444e194e8a61afed1304d255a687447eba9468cea5dbfaa
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-role-3.2-ALPHA-6.jar

Description:

        Roles are a powerful way for designing complex behaviours while keeping good practices such as Single Responsibility, Dependency Inversion and
        Interface Segregation.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-role/3.2-ALPHA-6/it-tidalwave-role-3.2-ALPHA-6.jar
MD5: 23b8645930465e65835eb789dcb3690f
SHA1: 0b800bbea8394bc98932759cc72d05ea86282aa2
SHA256:74cd3e429481c0eecfa6d247d0695f5cc0973448a732b018ebc89ecf5e748bec
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-role-spring-3.2-ALPHA-6.jar

Description:

        Specific Spring support for DCI roles.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-role-spring/3.2-ALPHA-6/it-tidalwave-role-spring-3.2-ALPHA-6.jar
MD5: 2d60c80126260ccaf21a7f0c6299d943
SHA1: 32720745dd26fc1d545bd06f5502022c4bf6831f
SHA256:00b6311fe342f8bd4e18e1bc8a455070c020367095946bdf441c4ebb380f2546
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

it-tidalwave-util-3.2-ALPHA-6.jar

Description:

        A collection of commmon utilities.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/it/tidalwave/thesefoolishthings/it-tidalwave-util/3.2-ALPHA-6/it-tidalwave-util-3.2-ALPHA-6.jar
MD5: 0f4175ff23fc0c42d7caa08a67cb5b45
SHA1: dc696f982e12d6f226c91906cac851d976d2bcf5
SHA256:09f983d2bbbf84d0177ea62f2c394bd7f52fa8cb048cde121f645a2a476c1a32
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

javax.annotation-api-1.3.2.jar

Description:

Common Annotations for the JavaTM Platform API

License:

CDDL + GPLv2 with classpath exception: https://github.com/javaee/javax.annotation/blob/master/LICENSE
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/annotation/javax.annotation-api/1.3.2/javax.annotation-api-1.3.2.jar
MD5: 2ab1973eefffaa2aeec47d50b9e40b9d
SHA1: 934c04d3cfef185a8008e7bf34331b79730a9d43
SHA256:e04ba5195bcd555dc95650f7cc614d151e4bcd52d29a10b8aa2197f3ab89ab9b
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

javax.inject-1.jar

Description:

The javax.inject API

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/inject/javax.inject/1/javax.inject-1.jar
MD5: 289075e48b909e9e74e6c915b3631d2e
SHA1: 6975da39a7040257bd51d21a231b76c915872d38
SHA256:91c77044a50c481636c32d916fd89c9118a72195390452c81065080f957de7ff
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jaxb-api-2.2.11.jar

Description:

JAXB (JSR 222) API

License:

CDDL 1.1: https://glassfish.java.net/public/CDDL+GPL_1_1.html
GPL2 w/ CPE: https://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/javax/xml/bind/jaxb-api/2.2.11/jaxb-api-2.2.11.jar
MD5: 5983d1e2ec1a9b0604575cd9e9582591
SHA1: 32274d4244967ff43e7a5d967743d94ed3d2aea7
SHA256:273d82f8653b53ad9d00ce2b2febaef357e79a273560e796ff3fcfec765f8910
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jaxb-core-2.2.11.jar

Description:

Old JAXB Core module. Contains sources required by XJC, JXC and Runtime modules with dependencies.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-core/2.2.11/jaxb-core-2.2.11.jar
MD5: c5eca4e58a75eabe3379926803421bab
SHA1: c3f87d654f8d5943cd08592f3f758856544d279a
SHA256:b13da0c655a3d590a2a945553648c407e6347648c9f7a3f811b7b3a8a1974baa
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jaxb-core-2.2.11.jar (shaded: com.sun.istack:istack-commons-runtime:2.21)

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-core/2.2.11/jaxb-core-2.2.11.jar/META-INF/maven/com.sun.istack/istack-commons-runtime/pom.xml
MD5: caebf95d1d57fc0321b36137e246e192
SHA1: 04c234cf684a202c5c9bb7f0a198ba97e958f8f4
SHA256:ebe7137b5fbfd050545f9a7f3f339ae55beb0b53755071b4fd62aa024c626d1c
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jaxb-core-2.2.11.jar (shaded: org.glassfish.jaxb:txw2:2.2.11)

Description:

        TXW is a library that allows you to write XML documents.
    

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-core/2.2.11/jaxb-core-2.2.11.jar/META-INF/maven/org.glassfish.jaxb/txw2/pom.xml
MD5: 83d24d59202baf2810daa01739963822
SHA1: 4be03527dbf2428f7ea99fb9c2f50f089dffad5e
SHA256:8514cb724b4fca59a5cf272b632e539bd0a0f3cacf1844082d0a173a86406bd8
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jaxb-impl-2.2.11.jar

Description:

Old JAXB Runtime module. Contains sources required for runtime processing.

License:

http://glassfish.java.net/public/CDDL+GPL_1_1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-impl/2.2.11/jaxb-impl-2.2.11.jar
MD5: bea06b3ee5ef2c338beac9187b7782f3
SHA1: a49ce57aee680f9435f49ba6ef427d38c93247a6
SHA256:f91793a96f185a2fc004c86a37086f060985854ce6b19935e03c4de51e3201d2
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jaxb-impl-2.2.11.jar (shaded: org.glassfish.jaxb:jaxb-runtime:2.2.11)

Description:

JAXB (JSR 222) Reference Implementation

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/sun/xml/bind/jaxb-impl/2.2.11/jaxb-impl-2.2.11.jar/META-INF/maven/org.glassfish.jaxb/jaxb-runtime/pom.xml
MD5: fa2e4dc2609e6a4d96418f4ac6519e8d
SHA1: 6a1651361e4c2392aff30da0df648187f670f8cb
SHA256:e5327b31b595ab8143e97836d5ccdf85feb91e7ff5666f7b26913632facca4aa
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jcl-over-slf4j-1.7.30.jar

Description:

JCL 1.2 implemented over SLF4J

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/jcl-over-slf4j/1.7.30/jcl-over-slf4j-1.7.30.jar
MD5: 69ad224b2feb6f86554fe8997b9c3d4b
SHA1: cd92524ea19d27e5b94ecd251e1af729cffdfe15
SHA256:71e9ee37b9e4eb7802a2acc5f41728a4cf3915e7483d798db3b4ff2ec8847c50
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:runtime

Identifiers

jsr305-3.0.2.jar

Description:

JSR305 Annotations for Findbugs

License:

The Apache Software License, Version 2.0: http://www.apache.org/licenses/LICENSE-2.0.txt
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/google/code/findbugs/jsr305/3.0.2/jsr305-3.0.2.jar
MD5: dd83accb899363c32b07d7a1b2e4ce40
SHA1: 25ea2e8b0c338a877313bd4672d3fe056ea78f0d
SHA256:766ad2a0783f2687962c8ad74ceecc38a28b9f72a2d085ee438b7813e928d0c7
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

jul-to-slf4j-1.7.30.jar

Description:

JUL to SLF4J bridge

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/jul-to-slf4j/1.7.30/jul-to-slf4j-1.7.30.jar
MD5: f2c78cb93d70dc5dea0c50f36ace09c1
SHA1: d58bebff8cbf70ff52b59208586095f467656c30
SHA256:bbcbfdaa72572255c4f85207a9bfdb24358dc993e41252331bd4d0913e4988b9
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:runtime

Identifiers

logback-core-1.2.3.jar

Description:

logback-core module

License:

http://www.eclipse.org/legal/epl-v10.html, http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/ch/qos/logback/logback-core/1.2.3/logback-core-1.2.3.jar
MD5: 841fc80c6edff60d947a3872a2db4d45
SHA1: 864344400c3d4d92dfeb0a305dc87d953677c03c
SHA256:5946d837fe6f960c02a53eda7a6926ecc3c758bbdd69aa453ee429f858217f22
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:runtime

Identifiers

lombok-1.18.18.jar

Description:

Spice up your java: Automatic Resource Management, automatic generation of getters, setters, equals, hashCode and toString, and more!

License:

The MIT License: https://projectlombok.org/LICENSE
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/projectlombok/lombok/1.18.18/lombok-1.18.18.jar
MD5: 6a157cf72924f8d135dcd6c571bf0405
SHA1: 481f5bfed3ae29f656eedfe9e98c8365b8ba5c57
SHA256:601ec46206e0f9cac2c0583b3350e79f095419c395e991c761640f929038e9cc
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:provided

Identifiers

org-openide-filesystems-RELEASE80.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/netbeans/api/org-openide-filesystems/RELEASE80/org-openide-filesystems-RELEASE80.jar
MD5: e0156cecd9b59b39d6f563147b33d06b
SHA1: 49a7350f013a9eb94e77f0d612b8e48c0b277664
SHA256:122784ee11f7ee519b4ecfa08018491d6e478604406e0213e7a72b801585d10e
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

org-openide-util-RELEASE80.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/netbeans/api/org-openide-util/RELEASE80/org-openide-util-RELEASE80.jar
MD5: d566d984d4b7141f0c1b310a9cc88989
SHA1: 93d71a0289ce4881c1a8e5bca620409f87f81287
SHA256:4bd08c136ecdf665261b893da19f2660f450c7556a17970dd161c999af779b2d
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

org-openide-util-lookup-RELEASE80.jar

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/netbeans/api/org-openide-util-lookup/RELEASE80/org-openide-util-lookup-RELEASE80.jar
MD5: c127b6177adc1c32dcdfe83f4265cb77
SHA1: ae3673a0268f1e34fc7c1e8b56f805036de914bb
SHA256:955d96e2df1b5724624a317e910db51c3e29666b38c7c68c52ad773a294ffd47
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

slf4j-api-1.7.30.jar

Description:

The slf4j API

File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/slf4j/slf4j-api/1.7.30/slf4j-api-1.7.30.jar
MD5: f8be00da99bc4ab64c79ab1e2be7cb7c
SHA1: b5a4b6d16ab13e34a88fae84c35cd5d68cac922c
SHA256:cdba07964d1bb40a0761485c6b1e8c2f8fd9eb1d19c53928ac0d7f9510105c57
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:runtime

Identifiers

spotbugs-annotations-3.1.9.jar

Description:

Annotations the SpotBugs tool supports

License:

GNU LESSER GENERAL PUBLIC LICENSE, Version 2.1: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/com/github/spotbugs/spotbugs-annotations/3.1.9/spotbugs-annotations-3.1.9.jar
MD5: 56a1a81d69b6a111161bbce0e6dea26a
SHA1: 2ef5127efcc1a899aab8c66d449a631c9a99c469
SHA256:68c7c46b4299e94837e236ae742f399901a950fe910fe3ca710026753b5dd2e1
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers

spring-core-5.3.1.jar

Description:

Spring Core

License:

Apache License, Version 2.0: https://www.apache.org/licenses/LICENSE-2.0
File Path: /Volumes/Users/fritz/LocalData/Business/Tidalwave/Projects/WorkAreas/tidalwave.bitbucket.io/repository/org/springframework/spring-core/5.3.1/spring-core-5.3.1.jar
MD5: df36706fc74458c9c28e97aca7fae409
SHA1: 47af5b161749cd249fc074b4f140e011a3337efd
SHA256:6ee995055163c59703be237be59f0565acb97c9d42c5d60df2bf3a4b4c6ef6e9
Referenced In Project/Scope:NorthernWind :: Frontend :: Webapp :: Commons:compile

Identifiers



This report contains data retrieved from the National Vulnerability Database.
This report may contain data retrieved from the NPM Public Advisories.
This report may contain data retrieved from RetireJS.
This report may contain data retrieved from the Sonatype OSS Index.